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SHAWN POWERS 


Warm Up Those 


Spinnerets! 


nstant gratification is quite gratifying. Because 
] haven't yet perfected the Arduino Wetwired 

Electronic Semi-Omniscient Memory Enhancer 
(AWE.S.O.M.E. for short), we figured the best way 
to serve our fast-paced world was to have a Web 
Development issue. Let’ face it, if you want to see the 
weather forecast, you visit a weather Web site, Waiting 
for the six o'clock news takes too long, and I'm not 
willing to admit 'm old enough to watch The Weather 
Channel. The Web, along with its Twitte-esque 
companions, is currently the fastest way to get 
information to the masses. And we want to help. 

Reuven M. Lerner starts things off with the back 
end of the Internet. No, | don't mean my personal 
Web site; | mean databases. This month, Reuven 
looks at PostgreSQL 9.0. Even if you're a MySQL 
fan, PostgreSQL is hard to hate, and Reuven 
explains why. Dave Taylor is hard to hate as well, 
and this month, he takes us back to our youth with 
the second part of his series on creating Mad Libs. 
| did my first Mad! Lib when | was [ANY_NUMBER] 
years old, while I was [ACTIVE_VERB] in [PLACE], 
and it was really [DESCRIPTIVE_ADJECTIVE] 

Kyle Rankin and Mick Bauer teach us about 
servers this time around. Kyle describes creating 2 
DNS server as part of his series “Building Your Own 
Personal Server". DNS can be complicated, but Kyle 
walks through setting up the industry standard, 
BIND. Mick is on the opposite end of the spectrum 
With his “Interview with a Ninja". What Kyle shows 
how to build, Mick and his ninja talk about hacking 
into—good information from both guys. 

We've all been 37 steps into an on-line form, only 
to have a click of the Back button completely ruin the 
form on which we worked so hard. Creating desktop- 
like Web apps is popular, but sometimes the sites we 
visit don’t work the way we expect. We want the 
Back button to take us back a page, but with Web 
programming, that’s not always as easy as it sounds. 
‘Avi Deitcher addresses the problem and explains 
how to make AJAX applications honor the venerable 
Back button. Avi also shows why JavaScript itself 
is so awesome in another article, "Simplicity and 
Performance: JavaScript on the Server”. Go get a 
cup of java, and check out his JavaScript articles 
You'll be a better programmer for it. 

Some of us aren't hard-core programmers, but 
we still need to get information onto the Web and 
have it look good and perform well. That's when 
content management systems are awesome. Michael 
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Connors introduces Zotonic, a content management 
system based on Erlang. If you're new to the idea of 
‘a. CMS, you'll want to check out Zotonic, which is a 
CMS, but also a Web framework. Drupal, on the other 
hand, is a traditional CMS that is used in thousands of 
‘Web sites across the planet. Our own Linuxlournal.cam 
Web site runs Drupal, and this month, Webmistress 
Katherine Druckman interviews Angela Byron, the 
co-maintainer of Drupal 7. Reading the interview will 
teach you a bit about Drupal, but even more than that, 
it will give you a behind:-the-scenes glimpse at manag- 
ing a large open-source project. Drupal 7 sounds lke a 
huge step forward in usability, and its Angela's jab to 
make sure that step doesn't trip and fall along the way. 

| know some of you are annoyed by the Web 
and its dependence on mouse clicking. | suspect kyle 
Rankin and his terminal window are as well. James 
Walker feels the same way and introduces Drush, 
‘a. commandline interface for Drupal. Sure, a nice 
GUI is great, but sometimes its hard to beat a simple 
‘command line. James demonstrates a click-free way 
to interact with Drupal. It's pretty cool for those of 
Us addicted to the command line. 

If you're not interested in the Web at all, we 
haven't forgotten you this month. Whether you 
want to make a quick user interface with Qt (Johan 
Thelin shows how) or manage and convert your 
e-book collection with Calibre (Dan Sawyer 
explains the process), this issue is bound to please. 
We also have a review of D-Link’s Boxee Box by 
yours truly, and we have instructions on how to 
find yourself—with Google Maps (Mike Dieh! 
shows how to manipulate the API) 

This is a very fun issue, and until my 
AWES.O.ME. is fully developed, turning the 
page and reading is the best way to assimilate 
the information. I'm not sure whether my Arduino 
brain implant will be ready for the Cool Projects 
issue, but those interested in beta testing should 
feel free to contact me. Just think real hard and 
the message should get to me, assuming my 
A.W.ES.O.M.E. is working correctly. Until then, 
have a [DESCRIPTIVE_ADJECTIVE] [TIME_PERIOD], 
‘and we'll [ACTION_VERB] you next month!m 


‘Shawn Powers isthe Associate Editor for Linux Journal. He's als the 
Gadget uy for Lioucourna.com, and he hasan interesting collection of 
vintage Garfield coffe mugs. Don't his sil hairdo fol you, he's a prety 
‘ordinary guy and canbe reached via e-mail at shawn @linuxjournaLcam. 
‘0 swing bythe Minusjournl IRC channel on Freenode net. 
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letters 


JOURNAL ers 


Letters Complaining about Linux 
| get annoyed every time a Linux magazine 
publishes a letter complaining about some 
supposed shortcoming of Linux compared 
to Windows. And, since Linux Journal 
seems to do it at least every other issue, 
| get annoyed a lot. 


Sure, Linuk isn't perfect. No OS is. But the 
suggestion that things just work in Windows 
or that itis easier to correct problems is 
wrong, In my experience, things are mare 
likely to “just work" in Linux. 


In Windows, you often have to hunt down 
an install disk. And, forget about getting 
your problem solved when Windows 
messes up. Instead of being able to fix 
a config file, you usually end up going 
through multiple un-installs, reboots 
and re-installs hoping that eventually it 
will work 


| suspect that the people saying they're 
going back to Windows are actually 
marketing trolls employed by a certain 
closed-source company to promote its OS. 
Otherwise, there is no way any rational 
person could really imagine that Windows 
is in any way superior to Linux in the 
ease-of-use department. 


Windows wins in only one area so far 
as | can see. It comes pre-installed, 
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while you usually have to install Linux. 
Otherwise, it's just painful compared to 
any recent Linux distribution. 


Gary Dal 


| do think a fair number of people legit 
mately switch back to Windows. And, 
that’s fine, what with free will and all. For 
a very large amount of computer needs, 
Linux fits the bill perfectly. There are a few 
instances when it does not. Commercial 
gaming is one of them for sure, (That's 
not to say there aren't many games for 
Linux, commercial and otherwise, just that 
the majority still are Windows-only,) 


| think an even bigger pull, however, is 
peer support. Everyone has a cousin or 
uncle that can help with computer prob- 
lems. Not too many people have someone 
who can help with Linux problems. Again, 
that’s not to say help is unavailable, it’s just 
nontraditional. While calling weird Uncle 
Marvin for Windows support isn't always 
the smartest thing to do, it’s what many 
people are comfortable doing. Plus, with 
Windows 7, the “searching for drivers” 
game is largely over. Perhaps Microsoft 
took its cues from the Linux world, but for 
the most part, Windows now has drivers 
for mast products by defautt. 


Either way, it's hard to beat free, and 
Linux has several varieties of free from 
which to choose. | don’t expect Microsoft 
to follow suit any time soon —Ed. 


Net Neutrality Legislation 

We in the FOSS world often talk about 
freedom and stress its importance. That is 
why | am so disappointed in the recent 
legislation on Net Neutrality. We honor 
people's freedom to use their belongings 
as they best see fit, yet we fall for the 
canard that if people associate, and 
freely pool their resources, maybe even 
incorporate, then their property and 
freedoms should be curtailed 


‘And, typically, such actions have unintended 
consequences. Rather than see a small 
number of large corporations negotiate 
terms of the values of different kinds 
of Net traffic with each other or their 


customers, we will have those same 
corporations working with Washington 
representatives to mold and modify the 
regulations of Net Neutrality on an ongoing 
basis. Google and Verizon are not leaders 
in the Net Neutrality effort from the 
desire to have their traffic treated like any 
other—they are there to influence the 
rules and rule-makers right from the start 
So there will be Net non-Neutrality, but 
instead of being based on who has the 
best deal, with the consumer-driven 
marketplace to correct the eventual 
mistakes, such rules will be based on 
those who have the best lobbyists and the 
most influence to pedal. These deals will 
be forged in back rooms and after-hours 
deals. The small quy or startup will have a 
harder time getting established, and the 
consumer will have less visibility and 
opportunity to correct problems. 


This Net Neutrality regulation replaces 
freedom with centralized control, and 
that’s a danger any FOSS proponent 
should recognize. 


Keith Reed 


Scary 1984 references aside, Net 
Neutrality is a worrisome topic. | fear that 
since the world now depends on data 
‘more than ever before, the waters are 
going to get murkier rather than clearer 
Sadly, | don’t really have anything to acid 
to your comment, other than an urge to 
don my tin-foil hat Ed. 

Unity Desktop 

Thank you for the February 2011 issue 
about the Linux desktop. | am running 
Ubuntu 10.10 on an Eee PC and find it far 
superior to the Microsoft XP system that 
\was delivered with it, with one exception 
(and Mr Shuttleworth wanted some feed- 
back about the Unity desktop). | found it 
to be difficult to use. Most of the applica- 
tions | need are buried way down in the 
menus, often requiring longer to find 
them than | was willing to spend. | could 
have simply customized the icon mix on 
the icon list; however, there is a shocking 
lack of any resource to instruct me on 
changing the behavior. Until setting it up 
With the user icon selection is intuitive, the 


Unity interface will not be widely adopted, 
and worse, it will not win any Linux 
converts from the Windows crowd. 
Fortunately, | was able to find the key 
to starting the more traditional desktop, 
and | am off and running with it. Mr 
Shuttleworth should consider studying 
not only confirmed Linux users, but more 
‘casual users as well. like the concepts 
behind Unity, but the implementation 
needs a bit of intuition built in, but then 
again, that’s what innovation is all about. 
Please keep up the good work 


Jim 0. 


I'm completely with you on this one. 
recently put the Ubuntu 10.10 Netbook 
edition on my Netbook as well, and | 
absolutely hate Unity. Like you, {find it 
hard to get to applications, and although 
a simple menu is quick and responsive on 
an underpowered Netbook, | found the 
Unity interface slow and Kludgy. 


Thankfully, Unity is just the default, 
and it can be changed easily. As to why 
Canonical decided Unity was the ideal 
interface, | have no idea. Perhaps it will be 
better when it hits the 11.04 desktop edition, 
but as itis now, I'm not a fan —Ed. 


No Chance! 

| read Stuart Jarvis’ article “Organize Your 
Life with Nepomuk” with great interest 
IU, February 2011]. With open source, | 
appreciate the accessibility of information. 
If something interesting exists, it will be 
known by the community. 


The problem is the name of the project! 
Nepomuk is also the name of Hitler's 
grandmother. The family history is 
complicated, not glorious, and a great 
part of it has been removed by Hitler 
himself, so | cannot be more precise. 


The project has nothing to do with that, 
but this coincidence can be harmful for 
Us. | don't know what to do. Changing 
the name is not a good idea; doing 
nothing is certainly the best, hoping that 
nobody knows the grandmother's name! 
Happy New Year and thank you for the 
quality of your work. 


Stuart Jarvis replies: I'm glad you liked the 
article. You are right, sharing information is 


one of the great things about free software. 


About the name Nepomuk, as I'm sure 
‘you know, it is an acronym and one that 
was chasen by the original research pro- 
ject rather than by KDE. We had not made 
‘any association with Hitler's grandmother, 
but there are plenty of other more whole- 
some connections that can be made. 
There is, for example, John of Nepomuk, 
a national saint in the Czech Republic, 
and Nepomuk is also a friendly dragon 
in a German children’s book. 


Within KDE software itself, we prefer to 
talk about the “semantic desktop" (or the 
results of the technology, such as desktop 
search), as that is a more descriptive and 
understandable name, So, we do not see 
a need to change the name of the tech- 
nology, but we already were planning not 
to use "Nepomuk” very widely. 


hope you will enjoy using KDE software 
that benefits from Nepomuk as the 
technology continues to mature. 


Feedback Error 

In the February 2011 issue's Letters 
section, Jeffrey Brendecke said that in 
Dave Taylor’ article in the Novernber 2010 
issue “Scripting Common File Rename 
Operations” the code snippet 
f=foo.bar.txt echo "$f" | cut -d 
-f2 results in bar. txt. In fact, it returns 
bar. Using -f3 in the cut would have 
gotten us txt. 


Scott Field 


xwinwrap 
Hove the ability of many “smart” phones to 
have an animated background. | searched 
the Internet for a way to replicate the effect 
on my computer and stumbled on the pro- 
{gram awinwrap from different forums, After 
a little bit of digging, | found a deb 
and now enjoy various video loops as 
my desktop. It would be awesome if an 
article was written highlighting this program 
to other Linux Journal readers. 


Milton Pleasant 


Thanks Milton! You just gave me an idea 
for a Linux Journal Tech Tip video. I'll be 
sure to give you credit —Ed. 


Why Not to Use Gmail 
I've been using Linux for 11 years and 


(LETTERS; 


Gmail for almost six years. Recently, I've 
slowly started to realize | don't own or 
control my e-mail. Astonishing, | know. 
Anyway, | did a quick Google search (silly, 
right?) and was unable to find anything 

In “reasons to avoid using Gmail”. | was 
wondering if LJ would be interested in 
doing an article on this. | know we all lave 
Google for its genuine greatness when it 
comes to selling us free items, but | really 
think it would be awesome to see the flip 
side of this. Thanks a bunch! 


Greg 


‘Oddly enough, many of our readers already 
don’t use Gmail. must admit, 'do myself, 
but I get chided for it often. 1 do think Gmail 
gets targeted rather specifically in these 
things though, when in reality Hotmail and 
Yahoo are just as creepy. Sure, you can delete 
e-mail easier With them, but does it really get 
deleted? How would we know? Yes, it's 
scary how much information is stored on 
servers we don't control. And, don't even get 
‘me started on Facebook!—Ed, 


Web0S and Technology 

Web0S lies dormant on the playing field 
and slowly begins to rebuild itself. The 
challenge as a user is finding consumer 
confidence. With HP bringing various 
assets to the front, it can grow confidence. 
had a choice between a Pixi Plus and a 
Droid and chose the open productivity 
of the Palm. 


Of all things, the Open Source community 
grows stronger daily, in large part because 
consumerism drives trends. It is not always a 
matter that is driven by passing fads. Open 
source is one of the best ways to go in the 
large and expanding community. | look for- 
\ward to Palm and HP expanding the market 
and forming confidence in the end product. 


Joseph Zieh 


We have at least one WebOS fan here 
on staff at Linux Journal. Most of us just 
haven't had an opportunity to try it. In the 
past, you had to be a Sprint user to get a 
Palm, so that really hurt adoption. Perhaps 
now that HP is running things, we'll see a 
bit wider availability, and perhaps WebOS 
will catch on. Android has a huge head 
start though. Hopefully, WebOS will do 
well, and we'll continue to have choices 
that are open. Those are my favorite types 
of choices —Ee, 
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Tablets? 
| have to agree with Bill Childers in the 
recent Point/Counterpoint on the Tablet 
PC TU, February 2011]. | also would add 
hat | am waiting for a major improve- 
ment before | buy one, and that is 
multitasking, | feel lke itis 1994, and 
we are waiting for Windows 95 to come 
out. Pardon me, but that is the best 
analogy | could come up with. Also, 
hat time | had not found Linux yet 


The iPad has one very specific and pro- 
fessional use—in sales presentations and 
ite meetings. The salesman | work 

has told me that itis a 


presentation to a client, because itis 
hands-on, a novelty item and reduces 
he need for a projector and laptop. 

Otherwise, great job with the debate 


halgax 


XFCE Is Much Lighter 

on Resources 

In the February 2011 article “The 
nd-String Desktop”, Shawn 

5 compared Ubuntu to Xubuntu 
h used less RAM. He was 
shocked when they both used about 
he same amount of RAM, but he 
should not have been. The reason 

is that Xubuntu is not trying to be 
lighter on resources but instead simply 
an alternative to the traditional 
GNOME desktop environment. 
want to see how light XFCE really can 
be, you should look at CrunchBang 
XFCE. It uses less than 100MB of RAM 
when initially installed. It’s better than 
Ubuntu, Xubuntu and Lubuntu and 
perfect for low-resource systems. My 
point is that Ubuntu pulls in all so 
of unneeded and bloated dependen- 
jefeat the purpose 0 
source system 


At the time of this response, the 
Xubuntu home page says, “An official 
version of Ubuntu Linux that uses the 
XFCE desktop environment. Designed 
for low-specification computers”. So ! 
would arg 
be lighter than Ubuntu. You are correct 
that ample of 
an easy-on-the-resources implementa- 

tion of XFCE. As far well 


that Xubuntu is meant to 


12 | april 2011 www. linuxjournal 


that’s unfortunately a matter of pre 
ence, | don’t think any of them are 
‘better” than GNOME, but | freely 
admit that's my own opinion! Thanks 
for painting out CrunchBang though 
It's a great distro.—Ed. 


Re: “Netflix and Linux, It’s 
a DRM Shame” 

In the February 2011 issue's Upfront 
section, Shawn Powers mentions tha 
Netflix should release its proprietary 
software to users running GNU/Linux 
on their desktops, rather than just for 
devices, such as Roku. He mentions 
hat “the motivation to reverse-engineer 
[the software] would be close to ze 

| think Shawn is missing the point 


The free (as in freedom) software com- 
munity is ethically opposed to propri- 
etary software and, as a consequence, 
DRM (DRM cannot exist within free soft- 
ware). Should Netflix release its software, 
it never would be an option for the Free 
Software community. In fact, the only 
ethical use of proprietary software is to 
develop a free alternative. However, 
‘Netflix will never be a thought in my 
mind, even with a free decoder, until it 
removes its restrictions and provides a 
DRM-free, preferably open, format 


More information, including a petition 
to Netflix to remove its DRM, can be 
ound at DefectiveByDesign.org: 
www.defectivebydesign.org/ 
blog/1093. 


Mike Gerwitz 


| didn’t miss 1 
making a different point. Although | 
would love to see Netflix exist withaut 
DRM, {also would like to see Netflix 
exist in any form for Linux users. 
Whether individuals agree or disagree 
with Netfix’s business decisions, as it 
stands, the entire Linux Desktop 
nity is unable to use Netflix. 


ont; | was simply 


comm 
My point was not whether or not they 
should, but that they can't 


1am a proponent of free as in freedom. 
'm also a propanent af chaice. | 
continue to believe that people should 
be allowed to make choices with w 
we disagree. I could get my soapbox 
out, but | think (ll leave it there. Thanks 
for the feedback —Ed. 
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WHAT’S NEW IN KERNEL DEVELOPMENT 


‘The stable kernel efforts ance again have gotten out of control. In the old days, 
Linus Torvalds had a cute x.even and x.odd version-numbering scheme, where even 
releases were part of a stable series that would last six months or a year or thereabouts, 
and odd releases were part of a development series that would last roughly the same 
amount of time. During the stable series, only bug fixes would be accepted; during the 
development series, new features also could be added. Over time, that made various 
folks wish they were dead, because the long duration of the stable series meant that 
tons of people had to sit around and wait for the development series to open up again. 

With the 2.6 kernel, Linus abandoned the concept of a stable series, and this too led 
to some serious uncertainty among people who no longer had any kernel release they 
really could rely on. After some vicissitudes, Greg Kroah-Hartman and others started 
forking off various 2.6 releases that they would maintain as their own “stable series", 
simultaneously with Linus’ ongoing 2.6 release schedule, The world stopped its desperate 
careening, and everyone took an easy breath. 

Greg and his cohorts chose which 2.6 kernels to fork into a new stable series, largely 
based on what would work best for them. From the outside, it seemed to be a fairly 
arbitrary and unpredictable process, which gradually led to pain and suffering among a 
very specific subset of users—the distribution maintainers. Anyone maintaining a Linux 
distribution, or developing a Linux-based phone or other embedded device, really wanted 
to know which kernels were going to have their own stable series, so they could base all 
their hard work on that kernel. But because there was no way to predict it, those folks 
Were running into problems organizing their work, making market predictions and so 
forth. They began begging and pleading with Greg to start a new stable series for the 
particular kernel versions on which they each depended—or at least to make it more 
predictable which kernels would get a stable series. 

Greg and the other stable series folks couldn’t accommodate this without putting 
in a metric ton of additional work, so recently, Greg essentially decided to ditch the 
Whole project. 

From now on, he announced, he will no longer maintain long-term stable kernel 
trees. Instead, what he'll do is put out a few stable releases for each kernel, just until 
Linus releases the next development kernel version, at which point Greg will start putting 
out stable releases for that version and so on. This way, Greg says, people will be less 
likely to fixate on kernels that are super ald and out of date and concentrate on the 
more-recent, better, faster, stronger and more-beautiful kernel of the moment. 

The existing stable trees, particularly 2.6.27, 2.6.34 and 2.6.35, will not be going 
away. Instead, he’s handed them off to other folks, who will maintain them as they 
see fit, Presumably other maintainers may be found to continue the stable patch 
series of future kernels as well 

Willy Tarreau will be taking over the 2.6.27 kernel, and he says he plans to make it 
the new “ultra-stable” replacement for 2.4 Kernels. His intention is to give the remaining 
2.4 users an incentive finally to upgrade to 2.6 kernels. 

Paul Gortmaker will be taking over the 2.6.34 tree, essentially for his employer 
Wind River, who has products that rely on that kernel. 

And, Andi Kleen will be taking over the 2.6.35 tree, also essentially for his employer 
Intel, who plans to release its own distribution based on that series. 

So, that's how things stand. It's not clear how future stable series will come into 
existence, or who will be responsible for them, or how they'll be maintained. But, if 
the current situation is any indication, distribution maintainers may start assigning 
their engineers to become stable tree maintainers. Maybe that's the direction things 
have been going for a long time. 

ZACK BROWN 
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Get Green, 
with Brown! 


‘The folks at Recompute have taken 
the notion of “Going Green" to a 
whole new level. They've made 
computer cases out of recyclable 
cardboard. We had the pleasure of 
speaking with Recompute's Brenden 
Macaluso and took one of their 
computers for a test-drive. Here’s 
what we found 


1 The computers living inside the 
cardboard boxes are actually 
quite functional. Although 
they're not super-fast gaming 
machines, the computer options 
aren't just a bunch of low-end 
‘Atom machines. 


im The cases feel sturdy. We were 
leery about using a computer 
case made of cardboard, but it 
didn’t feel flimsy at all 


m Although a cardboard case doesn’t 
make the computer internals 
any more recyclable, it does 
actually make it easier to recycle 
those innards. They literally rip 
right out. 


There are many skeptics when 
it comes to the Recampute idea 
Some see the cardboard case as a 
gimmick, and some think a computer 
wrapped in brown craft paper is a 
fire hazard. If you have questions 
about the Recompute computer, 
check out the FAQ on the Web site: 
‘www.tecomputepe.com. For my full 
video review, check out our Web site 
wwwlinuxjournal.com/video/ 
review-recompute-pc 

SHAWN POWERS 
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NON-LINUX FOSS 


For Linux users, file decompression tools are as 
close as an apt-get or yum away. For Windows 
Users who want to extract more than ZIP files, it 
means installing a third-party application. That can 
mean paying for a program like WinRAR, or it can 
mean installing program like 7-Zip. 

7-2ip will decompress (and compress!) just about 
‘any compressed file you run across on the Internet. 
Sure, it supports its native .72 file format, but it doesn't 
force you to use that rather uncommon (but 
awesome) file format. tt integrates nicely into the 


WEBER BEERS 


right-click context menu, and its basicaly the only 
‘compression program a Windows user will ever need. Download it for free at www-7-2ip.org, 
SHAWN POWERS 


PINT-SIZE PPA PRIMER 


Package management in Linux is great, but unfortunately, it comes with a few cons. 
Granted, most distributions keep all your software, not just system software like 
Apple and Microsoft, updated. The downside is that 

software packages aren't always the latest 

versions. Whatever is in the repository is what @ 

you get. Another frustration is when the 

software you want to install isn’t in the 

distribution repositories at all. 

Usually, it's possible to add software 
packages, even if they're not in the 
repos. For Red Hat-based systems, 
those are RPM files. For Debian-based, 
they'te DEBs. Unfortunately, installing appli- 
cations that way doesn't give you upgrades @ 
when they're available; you need to keep them 
updated yourself. Most package management systems also have the ability to add 
third-party repos, but those don't always have the packages you want. 

Canonical has a feature in newer versions of Ubuntu that allow the best of bath 
worlds. They're called PPAs (Personal Package Archives). Instead of distributing .deb 
files, developers simply can distribute their PPAs. With a PPA, the software is updated 
automatically along with being installed in the first place. While installing PPAs 
hopefully will become simpler, in the short term, they're still pretty easy to install. 
You just need to find the right PPA structure, usually given by the developers that 
support the idea. For example, to install the Mozilla Daily Build PPA, simply type: 
sudo apt-add-repository ppa:ubuntu-mozilla-daily/ppa 

Someday, installing a third-party application will be as easy in Linux as it is 


in Windows and Macintosh. With ideas like PPA repositories, however, your 


software will stay updated. And, that sounds P-P-Perfect to me. 
SHAWN PowERS 
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MAXIMUM CALCULUS WITH MAXIMA 


e looked at Maxima in the February 2011 
issue to do algebra and rearrange some 
equations. But those aren't the only 
tricks up Maxima’s sleeve. This month, 

I describe how Maxima can help with 
differential equations, but I'm going ta leave out some of the 
intermediate results to save some space 

A lot of science involves figuring out how systems 
change over time and what causes those changes. When 

you start looking at changes, and especially rates of change, 

that is essentially calculus. Calculus and rates of change 

also are linked to slopes of lines on graphs. When you plot 

data and find an equation that describes it, you can find the 

slope of the line by taking the derivative of the equation: 

Let's look at a falling object and see what theory has to 

say about it. 

You should start by looking at how you get a derivative. 

Let's say you have the equation: 


(61) t09:= 2+ x 
(401) fx) 2+ 

You would find the first derivative by calling the function diff, 
giving it the equation to differentiate along with the variable to 


differentiate by. So, you would write 


(812) answer di TE (F(x) 
(802) a 


Maxima can do differentiation of expressions too. If yau have 
‘a couple equations, you can derive their ratio with: 


(613) gO := 4(1/2) 
(hia) ratio diff diff (gO /00 .x) 


(hoa) 


2sqrtx) (K+ 1 HT) 


This might be a bit messy to work with, so you might want to 
refactor it to a more concise form 


(815) factor (ratio ditt): 


(05) - 


ea 
2 sqrt(x) Oe + 1) 


Maxima also can handle trigonometric functions, but 
there are lots of identities you can use to help simplify equa- 
tions with trig functions in them. By default, Maxima does 
not try to apply these unless you specifically say so, using 
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special functions. As an example, let's say you have the 
following equation 


(816) GITT(sINGO/(L + cos00),x) 
2 


sin @) cos(x) 


(06) 


2 cos(x) +1 
(cos) +) 
(Ki7) factor(s) 
3 2 
sin (x) + cos (x) + cos(x) 


(407) 


(cos(x) + 1) 


That's still not very simple. If you then apply the function 
‘rigsimp, you can force Maxima to apply trigonometric simplification 
rules to the equation and see what you get: 

(ia) trigsinp(s) 


(08) 


cos(x) + 1 


You should be aware of some important caveats regarding 
how Maxima treats trig functions. The first is that sin(x)(-1) 
is the reciprocal of sine, not arcsine. To get the arcsine, you 
would use asin(x). The other is another trig simplification 
function, trigreduce. This function is used to reduce the 
powers of trig functions by using the multiple angle formulas. 
For example: 


(RI9), trigsimp(cos(x)2 + 2*sin(x)72) 
2 


(03) sin QQ +1 
(RI) trigreduce(cos(x)*2 + 2*sin(x)*2) 
cos(2 x) +1 1 cos(2 x) 
(%019) +2 (22+ 
2 z 2 


‘That may not look simpler than what you would get from 
trigsimp, but itis an easier form of the equation to use with other 
functions, lke integration. 

Maxima can apply the chain rule when doing a derivative. Say 
you have the equation: 


(RIL) (x)= «937: 


(%o11) fx) i= x 
(8112) depends (x.u)$ 
(R113) diFE(FOX) .u) 
2 dk 
(%013) 3x 
du 


The line at $112 uses a new function, depends. This is 
a way of telling Maxima that x is a function of u, without 
explicitly defining a function describing this relationship. If 
you decide later that you want to define an actual equation 
for this relation, you can use: 


(%i14) remove( [x,u] .dependency) ; 


(014) done 
(8115) x:sim(u) 
(%015) sin(u) 


(816) IFFT CX) Ww): 
2 
(%016) 3 cos(u) sin (u) 
‘Along the same lines, Maxima can handle implicit differentiation. 
Say you have the equation x2 + yA2 = 25, and you want to 
find dy/dx. You need to use the depends function I just mentioned 
to handle this: 


(8117) eqn := x42 + y2 = 25 


2 2 

(%017) yrx=as 

(%i18) depends (y.x): 

(%018) (yoo) 

(%i19) deriv_of_eqndi ff (eqn,x) : 
oy 

(%019) 2y-4+2x=0 
dx 

(8128) solve (deriv_of_egn, ‘diff(y.x)) 
ay x 

(028) - 


The other side of calculus is integration. The basic function 
to do that in Maxima is called integrate. This function can 
do both definite and indefinite integrals. Indefinite integrals 
ate the symbolic form of integration you likely learned in 
school. For example: 


(8121) integrate (x*2,x) 
3 
(%021) 
3 


‘A definite integral actually is evaluated over an interval. This 

form of an integral can be visualized as the area under the curve 
defined by the equation you are integrating. To do definite inte- 
grals, simply add two arguments giving the start and end points 

of the interval 


(6122) integrate (x*2,x,0.1) 
1 
022) : 
3 
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Putting all these techniques together, you can solve a 
differential equation for a given variable—for example, solve 
dy/dx = f(x) for y. You can do this by doing all the required 
algebra and calculus, but you don’t really need to. Maxima 
has the very powerful function, ode2, which can do it in one 
step. Start with your equation: 


(123) eg: ‘itt yx) = sgre(aee2 - 1/43) 
oy v4 
(4023) oe = sgrt(- = ==) 
& tS 
(124) ode2(eq,y.3) : 
2 
ai 2 sort(x - x) 


(4024) y= Log (2 sgrt(e 0) 42-1) - - +H 


This one function call does the integration and the solve 
steps and gives you a final answer to the differential equation. 

Let's say you're doing an experiment dropping a coin and 
timing how long it takes to fall. How do you know whether 
the times you are measuring actually make sense? Let’s start 
With the most basic law: force = mass * acceleration. 

The mass of the coin is a constant, so ignore that for now. 
The force is the force due to gravity, pulling the cain down to 
the ground, and the acceleration describes the cain’s motion 
due to this force. The force due to gravity is a constant, at 
least here on Earth, and it depends linearly on the mass, so 
you can define the force as: 


(wil) force: mass * g: 
(01) mass 


The acceleration also is a constant, because both the mass 
and the force are constants. Acceleration is simply the rate of 
change of the velocity, and the velocity is the rate of change of 
the position, so you can set that up as: 


(812) depends (y,t) 


(02) tye] 
(BI3) acceleration: "diff ('diff(y.t).t): 


(803) 


Putting it all together, you get: 


(8i4) eq_of_motion: force = mass * acceleration 


(os) B mass = mass 
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(815) solve(eq_of_motion. y): 


(805) [-- = 2) 


You can see right away that how fast an abject falls doesn’t 
depend on the mass at all. Galilea was right! The next step is to 
do some integrating and see what you end up with 


(416) integrate (st) 
oy 

(06) [e+ = gt + Bel] 
at 


‘At this step, you would be able to find out the velocity 
(dy/dt) at time t, The additional term %c1 is a constant of 
integration. In this case, you can see that it represents the 
initial velocity of your penny. One more round of integration 
gives this: 


(47) integrate (st) 
1 2 
Lay gt 

(07) [I + dt = ---- + Wel t + Ke2] 
]at 2 


Now you can find the position, y, of your coin at any 
time, t. Again, a new constant of integration is introduced, 
‘%c2. In this case, you can see that this represents the starting 
height of your coin. But that's not what you were measuring, 
You were measuring how long it took the coin ta drop a 
given distance. So you need to do a bit of rearranging 
Because you are dropping your coin, you know that the start 
velocity Is 0 (that is, %c1=6). You can rewrite things a little to 
make it a bit clearer: 


IB) eqn: y = Cg + t°29/2 + y8: 


ee 
(108) y=ye+ 
2 
(238) sotvevegn,t) 
y ve ¥ 
(o9)[L= = sata) gett - --) v1 
ee ee 


There you go. You now have an equation for the time, given 
a height that your coin is dropping. With this theoretical relation 
Under your belt, you can check to see whether gravity is working 
correctly in your jocal lab. If not, you should contact the Nobel 
committee straightaway. 
‘This only scratches the surface of Maxima's capabilities in 

dealing with calculus and differential equations, but hopefully, 
this article gives you a starting point. Happy integrating, 

JOEY BERNARD 
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I'm doing a (free) operating system (just a hobby, 
won't be big and professional like gnu) for 386(486) 
AT clones. 

—Linus Torvalds 


Ihave an ego the size of a small planet. 
—Linus Torvalds 


Do you pine for the days when men were men and 
wrote their own device drivers? 
—Linus Torvalds and David Diamond 


If you need more than 3 levels of indentation, you're 
screwed anyway, and should fix your program. 
—Linus Torvalds 


Some people have told me they don't think a fat 
penguin really embodies the grace of Linux, which 
just tells me they have never seen an angry penguin 
charging at them in excess of 100 mph. They'd be a 
lot more careful about what they say if they had. 
—Linus Torvalds 


LINUXJOURNAL.COM 


This month, Linux Journal focuses on my favorite 
topic: Web development. We've compiled a fantastic 
collection of information here in the pages of this 
issue, and | look forward to leaming a thing or two 
along with you 

With the recent release of Drupal 7, | am excited 
to focus my attention once again on making signifi- 
cant improvements to Linuxlournal.com, and | hope 
you'll check in from time to time to see what's new 
on-line. A new major Drupal release is a great excuse 
to take a look at things that could use improvement 
on our site, as well as add new features to improve 
the overall experience for our readers. With the 
numerous improvements in Drupal 7 beckoning, 
| can’t wait to get started on what should be the 
best version of Linuxlournal.com yet 

Web development best practices are constantly 
evolving, and we all struggle to stay current or 
even ahead of the curve. Linux Journal and 
LinuxJournal.com are two important sources 
of the knowledge necessary to keep up with 
Web technology trends. Join us on-line at 
www.linuxjournal.com/tag/web-development 
to find 2 wealth of information in one place. See 
you in the comment queue? 

MATHERINE DRUCKMAN 
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DROP_YOUR DROPBOX 
AND SPARKLESHARE 
INSTEAD! 


We love Dropbox here at Linux Journal. it’s cross-platform, offers a decent free 
offering and generally “just works”. It has some problems though. Dropbox is 
proprietary. Dropbox stores a copy of your data in its own data repositories. 
Dropbox is limited in size, especially with its free accounts. 

Enter SparkleShare. SparkleShare is an open-source project that allows you to 
start a Dropbox-like service on your own. It’s a very new project and needs time to 
mature, but the beta is promising, Also, because you run the server yourself, there 
are no limits to the amount of data you can store. It's also cross-platform and has 
some of the same sharing features offered by its proprietary brother. 

Check out the early stages of SparkleShare at www.sparkleshare.org, and if 
you're a programmer, consider contributing, I'm excited for a stable alternative 


to Dropbox that I can host myself. SHAWN POWERS 
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PostgreSQL 9.0 


Looking for a relational database? The latest version of PostgreSQL 
makes a great database even greater. 


If you want to build a Web application, you're going 
to need 2 few pleces of software. You'll need a server 
operating system, such as Linux. You'll also need 

a server-side language and framework. Although 

| personally use Ruby on Rails nowadays, plenty of 
other good choices exist. For client-side interactions, 
you'll need to use a JavaScript framework, such as jQuery 
‘And, to store information about (and for) your users, 
you'll need to select a persistent storage mechanism, 
otherwise known as a database. 

Until just a few years ago, anyone using the term 
database almost always was referring to a relational 
database—that is, one based on linked two-dimensional 
tables, which could be queried using the relatively 
standard SQL language. Sure, there were a variety of 
other types of databases, but they weren't in widespread 
use or taken very seriously. 

In the past few years, however, there has been 
tremendous growth in the use and mindshare of 
so-called NoSQL databases. There's not much in common 
between these various databases—from Redis to 
MongoDB to CouchDB to Hadoop—that offer the 
promise of greater scalability and flexibility 

Now, I'm not one to say these non-elational 
databases are bad. On the contrary, 've used several of 
them in my own projects and found them to be a perfect 
fit for certain needs. But for day-to-day use, | continue 
to find relational databases an excellent fit. And when 
Ineed a relational database, | always prefer to use 
PostgreSQL. Indeed, when I'm working on a Web appli- 
cation, PostgreSQL is the default option. Only if | see 
that it won't work well (for whatever reason) do | switch 
some or all of the project to use a different database 

Why do | love PostgreSQL so much? First, because 
it’s rock solid. The developers have an almost obsessive 
dedication to the safety of the data you store in the 
database, and they do their best to ensure that data 
Won't ever be deleted or corrupted. This doesn't mean 
such situations never happen, but they're quite rare 
PostgreSQL not only tries to ensure the safety of your 
data, but it also provides you with a variety of tools 
to help you constrain the values that may be stored 
in the database, ensuring that anything stored is 
guaranteed to be valid 

Second, PostgreSQL offers a wealth of features 
that never cease to impress and amaze me. Whether 
it's the number of languages in which you can write 
server-side functions or the different ways you can 
define indexes, the clever use of MVC (multi-version 
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concurrency control) to avoid writers blocking readers 
or the ongoing statistical analysis that feeds into the 
query optimizer, PostgreSQL hasn't failed me in more 
than 15 years of day-to-day use. 

Every time | use another relational database, | find 
myself wishing for one or more functions that PostgreSQL 
provides or thinking that PostgreSQL wouldn't even 
enter into certain problematic situations, because of its 
high-quality architecture. This doesn’t mean PostgreSQL 
is perfect, but its mix of features has served me quite well, 
and I'm not the only one to feel this way. 

This month, | want to look at PostgreSQL 9.0, 
Which was released in late 2010. In particular, | want 
to consider what advantages it offers over other 
open-source databases (mainly MySQL). For people 
already using PostgreSQL, what new features does 
the 9.0 release bring to the table? 

I won't describe installing PostgreSQL, simply 
because versions are available for all major Linux 
distributions, Downloading and compiling the source 
code is relatively straightforward—although doing so 
as the dedicated “postgres” user, rather than as root, 
will save you many headaches during the installation 
process—but | have found binaries to be just fine for 
my day-to-day needs. 


Background 
PostgreSQL is an open-source (BSD-licensed) relational 
database developed by a core group of developers 
working for a number of different companies. (Indeed, 
the rules of the core development group forbid more 
than a handful of core developers from working for 
the same company to ensure that no one organization 
controls development directly) tt grew out of the Postgres 
Project developed by Michael Stonebreaker at the 
University of California, Berkeley. Postgres itself was an 
attempt to improve upon the original Ingres database 
Stonebreaker had developed and commercialized 
Postgres used its own query language, known as 
QUEL, and had @ number of advanced ideas, including 
many taken from the world of abject-oriented pro- 
gramming, Several developers joined forces to take the 
Postgres database, replace QUEL with SQL, stabilize the 
code and release it under an open-source license. The 
first release of PostgreSQL, under its new name, came 
in 1996. Informally, a large number of PostgreSQL users 
and developers continue to call it Postgres, although 
that technically refers to Stonebreaker’s project at 
Berkeley and not the current implementation. 


One of the main goals of the PostgreSQL team has been to 
adhere to the SQL standard wherever possible. in addition, as 
mentioned previously, PostgreSQL developers pride themselves on a 
rock-solid implementation, using the standard ACID (atomicity 
consistency-isolation-durability) paradigm for database storage 
under all circumstances. They further try to balance between a 
powerful set of features and configurable options and overwhelming 
people who don’t want to be full-time database administrators 

All PostgreSQL. storage is transactional, using a system known 
as MVC (multi-version concurrency contral). MVCC, which also 
is used in Oracle and CouchD8, largely avoids conflicts between 
readers and writers, ensuring that neither rows nor tables need ta 
be locked under most circumstances. MVCC does have the side 
eeping "dead rows” around in the database, which 
similar to garbage collection 
in many programming languages. For many years, vacuuming 
needed to be done manually, typically by running the vacuum 
command from a cron job. Nowadays, the autovacuum daemon 
runs in the background, marking space as reusable when added 
or updated rows reach a configurable threshold. 

Vacuum also can be run in “analyze” mode, in which case 
t examines tables and indexes, updating the statistics that 
are used when planning queries. This is one of the reasons 
PostgreSQL is able to operate so efficiently, even when han 


sionally need to be "vacuumed 


complex queries. By keeping an up-to-date description of 
data stored in each table, it can make an intelligent decision 
regarding how to optimize the query. If the guesses turn out 
to be wrong for your particular needs, you can configure some 
configuration parameters. 

PostgreSQL offers strong support for foreign keys, making i 
possible to ensure that connections between tables exist and work 
in the right way. That is, you can define a People table and then 
an Addresses table that refers to i 


CREATE TABLE People ( 
id SERIAL 

jame TEXT 
last_name TEXT. 
email_address TEXT 
PRIMARY KEY (id) 


CREATE TABLE Addresses ( 
id SERIAL 

person_id INT 
address TEXT. 
PRIMARY KEY (id) 


ER RE 


RENCES People 
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COLUMNS 
AT THE FORGE 


Now, lets try to insert 2 new record into the Addresses 
table, without inserting anything inta People first: 
INSERT INTO Addresses (person_id) VALUES (5); 
This results in the following: 
[RROR: insert or update on table “addresses” violates foretan key 
‘weanstraint "adresses person i fey” 
DETAIL: ay (person_id)=(5) is ot present in table *peopte 
Because | have defined person_id as a foreign key, 
PostgreSQL won't let me have an invalid value there, 
period. PostgreSQL also will refuse to let you remove a 
record from the People table if there are rows in the 
‘Addresses table referring to it. You can override such 
restrictions with the CASCADE keyword, but the 
database never will remove things on its own without 
your explicit approval 
You can, of course, also ensure that e-mail addresses 
are unique in your People table: 


CREATE UNIQUE INDEX pecple_enatt_iek ON People(enail_address) 


But wait, what if someone enters an e-mail address 
in capital letters and then enters the same e-mail 
address in lowercase letters? You can ensure 
Uniqueness by taking advantage of one of my favorite 
PostgreSQl. features, a functional index: 


CREATE UNIQUE INDEX people email_idx ON 
‘People (Lower (email_address)) 


Now PostgreSQL will ensure its uniqueness, regard- 
less of the case. This feature also comes in handy if 
you're trying to index a column containing long text 
Strings. You can index only the first 1,000 characters: 


CREATE UNIQUE INDEX people emait_idx ON 
‘People (substring(email_address, 1, 1960)): 


Finally, another powerful feature is CTEs (common 
‘able expressions). If you often find yourself performing a 
‘query, putting the results in a temporary table and then 
‘querying that temp table, CTEs almost certainly are 
something you'll want to use. You basically describe the 
temporary table query, give it a name using the “with” 
statement, and then query that pseudo table, For example 


WITH Wint_users 
AS (SELECT id * 2 AS id2, email FROM Users) 
SELECT id2 FROM Mini_users: 


In the example above, | create a new temporary 
table named mini_users and define it, and then 
query it as if it already existed. | already have found 
CTEs to be quite useful in simplifying complex 
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queries. PostgreSQL also makes it easy to define 
recursive CTES, allowing you ta work with hierarchical 
data with a single, simple query. 


Advanced Features 

(One of the features | have grown to lave over the years is 
the ability to write my own server-side functions—analo- 
ous to "stored procedures” in other databases—in a 
variety of languages. Most of the time, | use the built-in 
PUPQSQL language, which marries SQL queries with a 
procedural language. But in cases when | need a bit more 
ower, or want to use existing libraries, | can write func 
tions in PL/Perl, PLPython or a number of other languages. 
Regardless of what language | se, these functions inte 
grate seamlessly into the database, working no differently 
from bult-in functions and allowing me to process data 
inside the database, rather than in my application, 

(Over time, these server-side languages have 
become increasingly sophisticated, and although the 
PY/PgSQL syntax is not the most modern or expressive, 
it is easy to learn and handles a large number of 
cases easily and quickly. I've seen a wide variety of 
uses for server-side functions, from encapsulating 
‘most application logic in such functions to handling 
specific data-manipulation routines that don’t logically 
belong in the application layer. 

One of my favorite uses for functions is in trig- 
gers—actions the database executes automatically 
when a certain action occurs. For example, | once 
worked on a project into which we wanted to insert a 
URL, but in which we also wanted to have a (separate) 
column containing the hostname for that URL. | wrote 
a function that used regular expressions to retrieve the 
hostname and then inserted the hostname automatically 
into the appropriate column. From the application’s 
perspective, it was able to insert a URL but then 
retrieve either a URL or a hostname. Triggers can be 
used to perform all sorts of actions before or after an 
insert, delete or update query is performed on a table. 

One of the many advances in the 9.0 release was 
the improvement of “window functions”, functions 
introduced in 8.4 that make it possible to create aggre- 
gations (such as sum and average) over a portion of 
other rows in the table, rather than over the entire 
table. Thus, you could calculate the difference between 
someone's salary and other salaries in that person's 
department, or rank the number of citations a depart- 
‘ment has in a bibliographic index, or find which was 
the longest-running action in each controller, within an 
MVC Web application. I've only started to work with 
windowing functions, but the combination of built-in 
functionality from 8.4, plus some additions to 9.0 that 
make it easy to peek at preceding and following rows, 
lead me to believe this is a particularly powerful feature 


PostgreSQL 9.0 
The above features are nice improvements, but they're 


icing on the cake when it comes to reasons for a 
full-version upgrade to 9.0. 

First, this version makes it fairly simple to upgrade 
Earlier versions required dumping the database to disk, 
upgrading the server, and then restoring the database 
from its dumped form. This might not be a big prob- 
lem for small databases that can afford to be off-ine 
for a while, but it is a major issue for large sites that 
cannot afford such a long shutdown period. 

The core PostgreSQL developers heard the criticism 
and have responded with pg_upgrade. Now, pg_upgrade 
stil is considered to be somewhat experimental, and it 
hasn‘t been given the official seal of approval by the 
development team, so itis placed in the contrib directory, 
rather than in any official location. However, pg_upgrade, 
Which allows you to upgrade your PostgreSQL server 
without a dump or restore, is certainly one of the major 
innovations and accomplishments of 9.0, and it has been 
greeted with great excitement by people who were too 
nervous or busy to upgrade previously. 

Another major feature—and perhaps the most 
impressive accomplishment of this version—is what's 
known as “hot streaming replication”. This feature is 
actually the combination of two different features, 
Which work together to make for an amazing new 
backup and high-availability system, 

The basic idea is as follows. When you commit a 
transaction to PostgreSQL, it doesn’t immediately 
update the tables on disk. Rather, it writes a record 
of the transaction to a separate “write-ahead lag”, or 
WAL, describing the change that should be made to the 
database. Only after enough WAls have accumulated 
does PostgreSQL actually update the data 

Starting in version 8.4, you could copy the WALs 
from one PostgreSQL server to another, typically using 
a program like rsync. When the WAls appeared an the 
second server, they were read into that system. If the 
first server were ever to go down, the second server 
could be put into active mode, picking up from where 
the first server had left off 

Although this was better than nothing, it had at 
least two problems. Not only was transferring the 
WALS via “log shipping” far from an ideal mechanism, 
but the secondary server could not be used while it 
was receiving data from the primary server 

Both of these problems have gone away in 
PostgreSQL 9.0, providing a robust and easy-to-configure 
master-slave mechanism for high availabilty. WALS now 
can be transferred from the primary server to the sec- 
ondary using the network by configuring the secondary 
a a special kind of client program. As each transaction 
occurs, the WAL can be sent over the network to ane or 
more remote servers, allowing them to be synchronized 
almost immediately with the primary. The other improve- 
‘ment is that the secondary server can answer read-only 
queries even while its receiving data from the primary. 

Hot streaming replication, as the combination of 


these two features is known, doesn’t cover all situations. 
For example, | recently was working with a company 
that has multiple PostgreSQL servers whose data it 
would like to put onto a secondary server. For such 
purposes, hot streaming replication won't work. 
Fortunately, there are other solutions, such as Slony, 
that might be a better fit for the company's needs, But, 
for many sites that want to ensure their servers won't 
g0 down, this solution is more than adequate. 


Conclusion 

Am | gushing? Yes, absolutely. There are very few 
pieces of software that give me such pleasure to 
Use and on which | feel | can utterly depend, and 
PostgreSQL is a select member of that club. It keeps my 
data safe, offers me a huge number of features, allows 
me to extend the database in whatever ways | want 
and need, and it gives me excellent performance with 
a modest time investment. If you're thinking of switch- 
ing to an open-source database, or if you have already 
been using one and want to try something powerful 
but still rather easy to use, you would do well to try 
PostgreSQL. Especially with the latest features added in 
version 9.0, 'm sure you'l find something to like.m 
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Resources 


‘The home page for PostgreSQL is www.postgresql.org, From that site, 
you can download the software, subscribe to a number of (heavily trafficked 
and extremely friendly) e-mail lists and read through the documentation. 
‘There is also a #pastgresql IRC channel on Freenode that is generally 
populated and available for answering questions. 


‘One of the best-known commercial PostgreSQL support and product 
‘companies, EnterpriseDB, provides binary packages for a number of 
operating systems at its Web site, enterprisedb.com. It also offers a 
number of video and audio podeasts and screencasts, including those by 
PostgreSQL core contributor Bruce Momijan, which are of high quality. 


Finally, two excellent books about PostgreSQL recently were published 
by Packt Press, filing in a long gap since the excellent (but outdated) 
PostgreSQL, 2nd ealition was written by Korry Douglas a number of 
years ago. The two new books are PostgreSQL 9 Administration 
‘Cookbook by Simon Riggs and Hannu Krosing, and PostgreSQL 9.0 
High Performance by Gregory Smith. | have learned a great deal from 
both books, and although the latter book spends a bit more time than 
| might have liked on hardware, it also taught me that even a software 
‘guy like myself occasionally needs to consider the physical side of 
software and database design. if you use PostgreSQL on a regular 
basis, | strongly recommend these books. 
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COLUMNS: 


WORK THE SHELL 


DAVE TAYLOR 


Mad Libs Generator, 


Part Il 


Choosing only the interesting words out of a text passage for a 
Mad Libs-style game proves to be a darn difficult task within a shell 


scl 


Last month, we dug in to creating a Mad Libs 
generator—a program that you could give a snippet 
of English prose, and then it would select words 
randomly and replace them with their parts of 
speech, so you could have friends or family create 
their own amusing alternatives, 

So, instead of "the quick brown fox jumping over 
that lazy dog", it could be “the quick (( adjective )) 
fox jumps aver the (( adjective )) dog”, for example. 

The problem is that selecting random words 
from a sentence also can produce something far 
more boring, like “(( definite article )) quick brown 
fox jumps over (( definite article)) lazy dog” 

This month, | take that random word-selection 
tool and add some smarts so that it is biased toward 
longer words and words that are nouns or adjectives. 


tt, but Dave's up to the challenge. 


if [ Stength <tr 4 -a $(( SRANDOH & 2 )) -eq 1] 5 then 
echo \{Sverd\) —# too short 
else 
echo *((Sx0rd))” 
fi 
else 


This works pretty well—actually, every time a 
word is selected, its length Is checked. Words less 
than four letters long have a 50% chance of being 
ignored. With a simple input sample, here's what 
we get: 


{the} ((quick)) brow fox jumped ((over)) the Lazy black dog 


It’s still not great, but at least it recognized that, 


This month, | take that random word-selection tool and add 
some smarts so that it is biased toward longer words and 
words that are nouns or adjectives. 


Selecting Words by Length 
Last month, you'll recall that our script had a word- 
selection snippet that looked like this: 


while read sentence ; do 
for word in Ssentence ; do 
if [ $(( SRANDOM % Sdensity )) -eq 1]; then 
echo *( ($word) )" 
else 
echo Sword 
fi 
done 


Where we'll need to expand the cade is within 
the conditional that currently just puts the word in 
parentheses. The first step is to analyze length: if 
the word is three or less letters long, we'll be much 
less likely to select it 


Af [SUC SRANOOM % Sdensity )) -eq 1]; then 
length=S(/bin/echo =n Sord | we -€ | sed 's/ //g') 
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“the” wasn't interesting due to length. I'm still not 
entirely satisfied with which words it chooses to 
substitute, but let's move on to the second part of 
this project, testing part of speech, and come back 
to the selection criteria later. 


Figuring Out the Part of Speech 

The core code for this already was presented last 
month, utilizing Princeton's handy WordNet, so here 
itis: 


pos="S(curl silent "SdietionarySword” | grep ‘chs’ | head -2 \ 


| tr *Teuppers]* *Tetower-]" | sed *s/etibdrss/enp/ 1)" 
if [1-2 "Seco Spas | grep ‘not return any results")" |; then 
cha \[Suord\] # fatTes to figure out part of speech 


cue 
eto *((Stvard}5p08))" 
6 


Notice that we have to worry about failed 
lookups. Some wards just aren’t found in the 


WordNet dictionary, and we need to be prepared. 
Vl tie these together, as written, and here's what 
we get as an output: 


Note: {) = too short, {] = POS undefined 
(CL:noun)) (aa) (by) ((btrth:noun)) (a) Genovese, and 
(oy) family (is) one of the east ((distinguished: verb)) 
of that ((republic:aoun)) 


‘As the header reminds us, at this point, we're 
denoting words selected but skipped because they're 
‘too short with 0) and those that have an undefined 
part of speech with [] 

I've also changed the word replacement density 
factor to have more words tested. As you can see, 
most of the words in our sample input are now 
evaluated one way or the other. 

Now, let’s add a test so that only nouns or 
adjectives are eligible for substitution too 

[bz *Seeho Spos | ere 
echo \ {Sword} 


rot return")" } : then 
# fated to figure POs 


it [ -n "Seeck 


pos | grep -E "(nounladjective)")" } : then 


echo "(Sword Sp0s)) 
else 


echo "<S(vord) $908) 


V'll give it that same first sentence to Mary Shelley's 
Frankenstein, and let's see what transpires 


Nate: {} = too short. [] = POS undefined, < = uninteresting FOS 
1 (a) <by:adverb> birth [a} Genovese, [and] ay 

fanily (({s:noun)) (one) (of) {Ube} ((nost:adective)) 
cdstinguished-vert> {ot} {that} ((republe-poun)) 


We're definitely getting there, but | think we 
still need to add something to the selection crite- 
ria—something that will help us produce more 
interesting Mad Libs. 

But, let's leave that for next month as we've already 
dug through a lot of code in this column. 


Taye Tors been hacking shel scrips fora ely lang time, 20 years, H's 
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COLUMNS 


PARANOID PENGUIN 


‘MICK BAUER 


Interview with a Ninja, 


Part Il 


Mick continues chatting with a figurative and literal hacker 


Last month, | introduced my good friend Ninja G, 
an accomplished professional penetration tester for 
a large financial institution (wha also happens to 
be a practitioner of ancient martial arts developed 
by ninjas). We talked about his daily activities, his, 
unusual career path, his perspectives on WLAN and 
Linux security, and the uncanny preoccupation 
among Ninja G and his coworkers with ninjutsu. 
This month, | wrap up the interview. | think this 
installment is every bit as wide-ranging, thought- 
provoking and entertaining as part | [hope you agree! 


MB: I've got to ask a somewhat selfish question, 
because so much of my own career has involved 
firewalls. in the age of Web applications, where the 
‘browser is the platform and so much of the world's 
business is conducted over TCP ports 80 and 443, do 
traditional layer 3 firewalls still have a useful role? 


NG: | believe so; however, | think most people 
Would agree that a traditional (state-aware) firewall by 
itself isn’t a complete solution. itis only the first of 
many layers of defense. Intrusion detection (and pre- 
vention) systems, system hardening, secure centralized 
logging and application-aware firewalls should supple- 
ment a state-aware firewall to help round out areas 
where it would otherwise be lacking 


MB: What's your opinion of the new generation of 
(Web) application firewalls that can be trained to block 
exceptions to “expected Web application behavior? 
‘Are we finally reaching a point in this class of technology 
where it’s possible to create a complete enough notion 
of “expected” application or network behavior to 
reduce the very high rate of false positives we've 
traditionally associated with this approach? 


NG: | don’t think | ever would recommend a Web 
application firewall in ieu of Web application hardening 
A lot of the problems that are being caught by 
Web application firewalls usually can be solved with 
proper tainted variable checks on all user-supplied 
input. This includes the Web browser's user-agent 
string (which may find its way into lag files), all 
cookies and, of course, GET/POST data, AJAX 
requests and so on 

In an ideal world, the Web application should pro- 
Vide real-time logging of things like cross-site script, 
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SQL injection and brute-force attempts, but that is 
more often the exception than the rule. Often organi- 
zations rely on (SSL breaking) Web application firewalls 
to obtain the same types of data; however, you have 
to be very confident in low false positive rates when 
deploying in any inline device that actually prevents 
malicious traffic from reaching the target hast, or else 
you could be creating your own denial-of-service con- 
dition for what could be business-crtical applications. 
One should keep in mind that even the top-of-the-line 
Web application firewalls occasionally will generate 
false positives and plan one’s use of them accordingly. 


MB: Some people are very skeptical not only 
about the worth of pen testing, but also especially 
of the trustworthiness of anybody who has amassed 
experience in system cracking, which they (the 
skeptics) seem to think is inherently corrupting. But 
my own experience has been that overall, security 
researchers and penetration testers, precisely 
because they understand so well how easy it is to 
get caught, tend to be very responsible 

And, I'd unhesitatingly put you in that category. 
| think of you as a highly ethical and trustworthy 
person. So, what's your take an this? Are security 
ninjas generally like you, or is criminal recidivism 
(8 la Alberto Gonzales) rampant? 


NG: Of course, I can’t speak for anyone else but 
myself. People have their own unique motivations, 
passions or “demons” that drive them along this path. 
I'can say it has been my experience that most people 
who perform penetration testing for a living generally 
wouldn't risk their livelihood by hacking illegally. For 
a person like myself, | view my work almost like a 
flip-side version of the Buddhist concept of Right 
Livelihood, which states that people should try to 
find an occupation where they won't sacrifice their 
moral code. Except for me, | found a job where | get 
to express myself creatively in a criminal-like way, yet 
with the most ethical of outcomes. 

At the end of testing, | create detailed write-ups 
of all of my security findings, write proof-of-concept 
code, help vendors understand and re-create these 
issues, and assign a risk rating to help others under- 
stand their severity—lke a lot of the other "unsung 
heroes" of this field, who never release their exploit 
code and provide full details directly to vendors and 


code writers. | would like to think | am helping improve 
the overall security of not only the company I work for, 
but also indirectly helping all the other companies who 
use the same systems, services and products. 


MB: It’s easy for someone in my position (and that 
of my readers, | hope!) to see the value of your methods 
and your reports. I don't think “unsung hero” is any 
exaggeration, having seen firsthand how tangibly 
things tend to be improved after an unfavorable pene- 
tration test. But how do vendors and developers react 
to your work? How do you get them past what I'm 
sure tends to be an initially defensive reaction? 


NG: Yes, you're correct. The typical inital response 
is to view the request for a penetration test as simply 

a check-box item on a list somewhere, which may 
or may not prove any sort of real due diligence. My 
assumption is that this is their usual experience with 
dealing with other companies with limited information 
security personnel and budgets, 

Once they actually start hearing about high- or 
critical-severity security vulnerabilities, they almost 
always shift to a defensive position. At this point, | 
give them my (somewhat canned) speech about how 
they are in essence getting weeks of free security 
consulting. | assure them that | will share the details 
of all security findings completely and recommend 
steps for remediation where appropriate 

Its usually around this point when they realize that 
although their experience may be painful or humbling, 
they really are getting something for nothing, and far 
better to receive the information in this way, rather 
than having the same issues discovered by others who 
may not give the vendor any sort of warning before 
releasing the information to the general public, 


MB: In my own consulting work years ago, now 
and then I'd be called on to do port scanning or 
security scanning (though not actual penetration 
testing) of live, production systems, and | always found 
that nerve-wracking. Have you ever inadvertently 
(or, come to think of it, intentionally) disrupted an 
important production system? 


NG: | once took down a large group of firewalls 
simply by port scanning them. This was completely 
inadvertent, as | didn’t know that they had been 
configured to effectively “turn themselves off” when 
they detected heavy port scanning. (?!) This caused 
a large production outage (and several people were 
howling for my blood), yet the configuration was 
beyond foolish, so by helping to “correct” the issue, 
I managed to escape unscathed 

| have never intentionally disrupted an important 
production system. Even in my lawless years, the goal 
was never to "take down” a system. | viewed that 


action as providing a very clear sign that an intrusion 
had occurred, The end result would be one less system 
to explore, which | viewed as sub-optimal 


MB: There still seems to be tension between two 
camps in information security: those of us who self- 
identify as hackers and those who don't. Yet attendance 
at Black Hat Briefings, DEFCON and other hacker 
conventions continues to balloon. Do you think the 
“hackers vs, suits” situation is getting better, or are 
we simply gaining numeric superiority? 


NG: | would say that there was much more tension 
a decade or two ago, back when the corporate world 
wouldn't dare ever send someone off to a “hacker 
conference”, let alone pay for it. Now conferences 
such as Black Hat and DEFCON are considered valued 
sources of information for those defending rather than 
attacking corporate resources. 

Personally, | think there is a rather new element 
at hacker cons that may soon upset the delicate 
“hacker/suit” ecosystem: the US military—and I'm not 
talking about their old guys, 'm talking a new wave 
of young military. So don’t be surprised in the coming 
years if that quy sitting next to you at DEFCON happens 
to be a SIGINT analyst for the US Navy. 


MB: I've already had that type of experience, and 
agree with your observation about the military (which, 
| supposed, tends to be a youthful demographic, so 
maybe this isn’t too surprising). DEFCON's “Spot the 
Fed” contest stapped being easy ages ago! 

| think I'd like to wrap up with some more or less 
random questions—teel free to answer as tersely or 
completely as you like and, of course, omit names to 
protect whomever you like! 


MB: What's the stupidest design decision you've 
ever seen? 


NG: Okay, this one goes back way over a decade, 
so | feel comfortable discussing it. | once saw a large 
financial organization solve their backup issues by 
installing FIDDI interfaces in all of their UNIX servers. 
They dual-homed all of the machines into one large 
FIDDI ring and then kicked off all of the backups via 
rhost. | rooted one backup server in the FIDDI ring and 
ended up owning the entire back office settlement 
environment across the globe in minutes, due to rhost 
trusting the backup server. Keep in mind these hosts’ 
primary interfaces were segregated into protected 
zones by firewalls, and access was limited into each 
zone based on your job function. 

Epic fail 


MB: What's the coolest security control you've 
encountered lately? 
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NG: People are probably sick of hearing about it, 
but DNSSEC is actually pretty cool, especially when you 
factor in the potential impact associated with traditional 
DNS. (Yes, | have drunk Dan Kaminsky’s Kool-Aid!) 


MB: What's your favorite (non-secret) ninja weapon 
or fighting technique? 


NG: Hmmmn...for this question, | believe a little bit 
of ninja lore is necessary. First, forget everything you 
know about ninjas being the bad guys dressed head to 
‘oe in black uniforms; rather, they were often highly 
skilled martial artists acting covertly in enemy territory 
much like a modern-day spy. The worst possible fate 
would be to be caught, so contrary to all of those bad 
ninja movies of the 1980s, escape was always way 
more desirable than fighting 

So in the study of ninjutsu, you will encounter 
‘things like the Santo Tonko kata (forms of the escaping 
rat), which includes techniques for escaping grabs, the 
Use of eye-blinding powders and using small thrown 
objects (such as shuriken) to dissuade continued attack 
oF pursuit. Nowadays, a small tactical flashlight can be 
Used instead of the irritating blinding power, and as 
shuriken have been outlawed in most states, a pocket 
{ull of loase change does the same thing when unex- 
pectedly tossed into the face of a would-be attacker. 
"Ohl These are a few of my favorite things...1" 

In one particular situation, | was greatly out- 
numbered, so | decided I needed to even the odds a 
bit. Using a Surefire E2E flashlight, | blinded the 
advancing "front row” only to have my “fighting 
with light” completely misidentified as a police 
tactic. Next thing I heard was, "This guy is a cop!" 
and everyone scattered. That alone was worth the 
price of the flashlight. 

So rather than doing something silly or dangerous 
(like arming your loved ones), instead get them an 
inexpensive high lumen output flashlight. If their 
attacker disarms them, it isn’t anything that could 
realy be used against them. Plus, you would be surprised 
how often a flashlight comes in handy, even when you 
aren't being jumped by a large group of people. 


MB: Which is harder, being stealthful in meat-space 
or being stealthful in cyberspace? 


NG: If you understand both environments, then 
one really isn’t more difficult to manage than the other. 
‘These are not set in stone, but | generally think of four 
basic principles that apply fairly equally to both physical 
and cyberspace stealth considerations, 

The first principle would be disguise. in physical 
space, this includes concepts, such as wearing appro- 
priate clothing to blend in with the rest of the popula- 
tion in the area, and the use of multiuse, hidden or 
improvised tools/weapons. In cyberspace, this would 
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include avoiding the generation of network traffic that 
would be typically associated with either reconnaissance 
or attack. Instead, the stealthy attacker would choose 
‘to generate completely “normal” network traffic that 
ould also be used to glean useful information, 

‘A good modern example of this would be the tool 
named FOCA, which uses search engines to identify 
the location of documents that commonly contain 
metadata. The tool downloads these files a few at a 
time and then rips out the metadata and presents the 
extracted data. All of the generated Web traffic is 
100% normal. All of the documents downloaded 
were intended to be downloaded. Unless a company 
is militant about scrubbing metadata, it isn’t unusual 
to find about one file out of 100 that actually 
contains something useful enough to be leveraged 
in further attacks, such as an employee name, e-mail 
address or user ID. With larger companies, it is not 
uncommon to discover thousands of metadata-laden 
files available for download 

The second principle would be distraction (or 
attention control). In physical space, there are lots of 
variations here, as the human mind is very limited. We 
may claim to multitask, but the reality is that we can 
think of only one thing at a time. All you have to do is 
fill the mind with something interesting, and it will 
miss everything else. A good example of this can be 
found on-line by Googling Daniel J. Simons’ video 
titled “selective attention test”. In cyberspace, the 
same effect can be achieved by intentionally generating 
known malicious traffic to create overt “noise” in 
Which to hide. Tools like snot and stick were designed 
+o do exactly this sort of thing, 

The third principle would be exhaustion (or 
frustration). In physical space, a modern analog 
would be to repeatedly set off a building's burglar 
alarm. The first time it goes off it usually will get 
all sorts of attention. The police will show up first, 
then eventually, the building manager will arrive 
on-site. After about the fifth or sixth time (in the 
same night) of the alarm going off with no visible 
signs of attempted forced entry, that alarm is going 
to be turned off until morning and a repair call will 
be made to the burglar alarm vendor. 

The exact same thing happens in cyberspace with 
intrusion detection systems that constantly generate 
alarms that seem to be false positives. A security- 
conscious person will put up with an interruption 
or two in the middle of the night, but nobody can 
tolerate unwarranted nonstop interruptions. Discover 
this “breaking point” limit, and you can help “tune” 
remote intrusion detection systems to be more “friendly” 
toward your future stealthy endeavors. 

The fourth principle | would call fu-sui (wind and 
water), but most people know it as feng shui. This 
is intentionally selecting the most advantageous 
positioning, terrain, weather or timing. In physical 


space, this could be something as simple as ch 
ng to attack at dawn or dusk with the sun low in 
the sky behind you. Your enemy will be starin 

tly into the sun allowing you to hide in bright 
Another example would be to choose a foggy 
night to hide in the darkness and mist. In cyberspace, 
this could include performing your activities during 
holidays celebrated by your target, choosing late 
hours when monitoring personnel may be more 
scarce or choosing peak traffic hours if you are 
trying to “blend in” with normal activities. 

These principles are not mutually exclusive; in fact, 
tis often better to blend them together when creating 
your plan of attack. 


MB: When does the fun of Brute Force trump the 
righteousness of the Elegant Solution? 


NG: Wo 


that definitely applies to both penetration 
jutsu: “When it is the quickest and most 
he problem. 


testing and ni 


2, pirates or ninjas, and why? 


NG: Wow, that is the eterr 
my take. 

If you research the origin of each of the nine 
martial arts that | study, you will find that one originally 
was used as a naval military art, and as a result, the 
body positions and movements were designed to be 
Used on ships that were constantly rocking and slippery 
Even to this day, techniques from this school are 
imes practiced using a boat oar as a weapon 
This means that historically, some ninjas were pirates; 
however, | seriously doubt that the contrary was ever 
true, 'm sure this won't surprise you, 


ut | vote ninjas! 


MB: And on that lighthearted note, ('ll sadly but 
gratefully wrap up what | hope, dear readers, you 
agree was a fun and informative conversation. Thanks 
so much for playing, Ninja G!m 


Nick Bauer (darth elmo wiremonkeys og is Network Security Architect for 
‘ne ofthe US's largest banks He isthe authar ofthe O'eily book Linux Server 
Security 2nd edition (formerty called Building Secure Servers Wit Linud, an 
accasonal presente at information security conferences and composer ofthe 
‘Network Engineering Pla. 


Charles heads the web development team here at Silicon Mechanics: he's 
responsible for the configurators and power calculator on our site, among 


Powerful. 
Intelligent. 


fer things, As 2 software expert, he offers a useful perspective an our 
server and storage products. 


When asked wh: 
Processor 7500 Series CPUs and 32 DDR3 DIMMs, he said, "32 virtual machines 


in one rack unit. 


he would do if he had a Rackform iServ R413 configured with 4 8-core Intel® Xeon® 
one per core 
But he didn't stop there, 


Charles knows that to make the best use of a server with that kind of processing horsepower in 2 
Virtualized environment, he needs VO to match. He paired the 4P server with a Storform (Serv R516 
storage server, configured with 24 2.5-inch Intel X25-E solid state drives, Think of it as a developer's 
dream tear: multi-core processing and high memory counts for blistering performance, and high- 
performance storage for blazing VO speed 


Need a "dream team" of your own? Talk to the Experts at Silicon Mechanics for the perfect match 


When you partner with Silicon Mechanics, you get more than just the power and performance 
of the latest intel technologies—you get an Expert like Charles, 
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Your Own Personal 


Server: DNS 


Why let registrars have all the fun? Learn how to set up your own DNS 
server completely under your own control. 


In this day and age, it’s simple and popular to have 
someone else change your oil, grow your vegetables, 
remodel your house and host your services. However, 
I'd argue that its far more rewarding, educational and 
not very difficult to manage these things yourself 
This column is the second in a series about haw to 
manage your own services on your own server. In 
the first column, | discussed how to make sure your 
home network is ready to host your awn services. In 
this column, | start to get into the meat of the topic 
and discuss the first service you can (and should) set 
up at home: DNS 


A Short Primer on DNS 

DNS (Domain Name System) is a system you use every 
day and one on which the Internet heavily depends 
Every server (including your awn) that has a presence 
on the Internet should have a public IP address. Since 
last month’s column, you should have your home 
network set up for your server and have at least one 
public IP (hopefully static) you can use. it's true that all 
you really need to host many services on the Internet 
is an IP address; however, in practice, there are only 
so many IP addresses (like phone numbers) that the 
average person is going to commit to memary. As IPV6 
becomes commonplace, this will be even more true 
DNS allows you to register a domain name and associate 
individual host names (ike www.example.com and 
mail.example.com) to IP addresses. 

For instance, how many of you (besides you, 
katherine) have www.linuxjournal.com’s IP address 
memorized? If you did want to know the IP address, 
all you would need to do is perform a simple 
nslookup command: 


S nslookup wi, Linuxjournal.com 
Server 192.168.0.1 
Address 192. 168.9.1853 


Non-authoritative answer 
Name: www.1inuxjournal.com 
Address: 76.74.252.198 


In this example, the first bit of output tells me 
that I'm getting this answer from a DNS server at 

192.168.0.1 (my own personal DNS server) and that 
the IP address for www linuxjournal.com is currently 
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76.75.252.198. There isn't enough space in this col- 
umn to describe everything that happened to allow me 
to get that IP address, but essentially, my DNS server 
asked other DNS servers on the Internet for this IP 
address and was subsequently redirected to more and 
more DNS servers until it finally found the one that, 
knew the answer. if you are interested in more detail 
‘on how this works, books like DNS and BIND do a 
good job of explaining it, or from the command line, 
you could run dig wuW.linuxjournal.com +trace 


Your Own DNS Server 

DNS seems like a complicated service, yet it's relatively 
simple to set up a DNS server of your own. Now, there 
are a number of different DNS server software from 
which to choose that are easier to configure or that 
have fancy database back ends, but for this article, 'm 
going to choose the old standby, BIND. Although it’s 
not as simple as other ONS servers, it isn’t so bad, once 
you get the hang of it 

BIND should be packaged for most major distribu- 
tions; however, there are slight differences in how 
each distribution packages BIND. For instance, under 
Red Hat, you install the bind package, but under 
Debian-based systems (ike Ubuntu), you install bind9 
Red Hat stores its core BIND configuration file at 
JetcInamed. conf and all its zone files (files that contain 
name-lP address mappings for a domain, such as 
example.org, a subdomain, such as ny.example.org, or 
possibly both) under /var/named, while Debian-based 
systems put named.conf and any zone files under the 
Jetcfoind/ directory. Even the init script is different on 
both systems: Red Hat uses /etc/nit.d/named, and 
Debian-based systems use /etcfinit.d/bind9. Once you 
get past the differences, however, the syntax inside 
the files should be similar. Just to simplify things, 
I'm going to base the rest of this article off a standard 
Ubuntu 10.04 LTS server, so we have some sort of 
baseline. If you use a different distribution, however, 
it shouldn't be too difficult to adapt these instructions 
to the different file paths. 

(Once BIND js installed on the system, the package 
should create a basic named.conf file and all of the 
base directories. In the case of this sample Ubuntu 
system, the default named.conf actually will be set up 
to act as a caching name server. So, out of the box you 
should be able to point to this server with other hosts 


on your network, and it will be able to resolve other 
domains on the Internet just like with your ISP's 
DNS server. In this case, though, we want ta create 
a DNS master 


Master DNS Configuration 
A DNS master contains its awn zone files that have 
name--IP address mappings, and it doesn’t have to 
consult any other source to answer queries for those 
names. By contrast, a DNS siave is configured to load 
all of its zone configurations from a DNS master. 
Any future changes are made on the master and 
propagate to each of the slaves. Any individual 
BIND instance acts as a DNS master, a DNS slave or 
a caching name server, or all three at the same time 
(although it can be a master or a slave only to any 
individual zone, not both). 

For this example, let's set up a DNS master for 
example.org, and this master will have the following 
records 


Mm nst.example.org, which points to 123.12.34.56 
(the public IP of the name server itself) 


m example.org, which points to 123.12.34.57 
1m www.example.org also points to 123.12.34.57. 

To start, | create the zone file at 
Jetc/bind/db.example.org (remember Red Hat 
stores these zones in a different places) and put 
the following information in it: 


: BIND data file for example.org 


ST. an 


@ IN SOA nsl.example.org. root.example.org. ( 
a 2 Serial 
604a00 : Refresh 
6400 2 Retry 
2419208; ‘Expire 
604800) ©; Negative Cache TTL 
2 INNS ns1.example.org 
e INA 123,12.34.57 
ww INA 123,12.34.57 
asl INA 123,12.34.56 


Make sure this file has similar permissions to the 
other zone files you find in the /etc/bind directory. The 
first non-comment line in the file sets the TTL or Time 
To Live, the default time in which a remote DNS server 
will cache any answers it gets from your DNS server 
before it will ask it again. The value you put here will 
help determine how fast changes you make will propa- 
gate. BIND accepts seconds in this field, or you can use 


shorthand values like 1d for one day, 4h for four hours 
or 20m for 20 minutes. | set the TTL to four hours 
here; however, if you make frequent changes to your 
records (ar know you are going to soon), yau may 
want to make the TTL shorter. On the other hand, if 
you find you hardly ever change these values, you 
might want to bump up the TTL to a day to reduce 
load on your DNS server 

Something to note is that zone files use semicolons 
not hashes at the beginning of a line for comments. 
A common mistake is to put hashes in a zone file to 
make a comment, reload BIND and then wonder why 
your changes didn’t take. When BIND sees a mistake 
like that, it just skips that particular zone. 

To keep things simple, I'm going to skip the Retry, 
Refresh and other values here—just keep them with 
these defaults unless you know what you are doing 
The Serial line is for DNS slaves, which | discuss later. 
Below those values, however, you'll see the syntax | 
used to define the different records 


e IN NS nsl-exanple.org 
® INA 123.12.34.57 
wie = INA 123.12.34.57 
msl INA 123.12.34.56 


The first record starts with @, which means it is a 
record for example.org itself. In this case, it is an NS 
record that defines the hostname I'm going to use for 
my name server. You can use any hostname you con- 
trol here (including hostnames on a different domain, 
actually), but one popular convention is to use hostnames 
like ns and ns2 for the first and second name servers 
The second record begins with an @ as well, only in 
this case, its an A record. An A record is a fundamental 
DNS record that maps a hostname (like www) to an IP 
address (ike 123.12.34.57). In this case, because the 
record starts with @, | am setting the IP address for 
example.org itself. The next two lines define two more 
A records, one for www.example.org and one for 
1is1.example.org, It’s important if you used a name 
within this same domain for your name server (like 
‘ns1.example.org) that you be sure to add an A record 
so that it has an IP address. 

Now that I have created my zone, next | need 
to modify the /etc/bind/named.conf file and add a 
new section at the end of the file to point to the 
/etc/bind/db.example.org file | just created: 


zone “example.org” ( 
type master 
file */etc/bina/db.exanple.org": 


After the file is changed, | reload BIND, and | 
should be able to send DNS requests ta my new 
DNS server: 
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S sudo /etc/init.d/bind9 reload 
* Reloading domain name server... bind [0K] 
5 nslookup www.example.org Localhost 

Server Locathast 

Address 127.8,0.1453 


Name: wwn.example.org 
Address: 123.12,34.56 


if there is a problem with the BIND reload, it should 
tell you on the command line. Otherwise, if it still 
doesn’t work, you may have to look in your syslog 
file (var/log/syslog on Debian-based systems and 
Nar/log/messages on Red Hat) for clues. 


Slave DNS Configuration 

Many registrars on the internet require that any domain 
you register have at least two DNS servers configured with 
it tS a good practice to have, because if you have a single 
DNS server and it goes down, it effectively will make all 
your servers under that domain inaccessible. This means 
{you need to set up a second DNS server on a different IP 
ideally on a different network, or have a friend with a DNS 
server act as a slave to your master DNS server. In either 
case, itS a relatively simple process. Lets say that my 
second DNS server is going to be at the IP address 

98, 76.54.32. First, | would log in to my Master DNS server 
and add the new NS and A records to my zone file 


: BIND data file for example.org 


STTL 4h 


@ IN SOA nst.example.org. root.example.org. ( 
2 2 Serial 
s0qg00 5 Refresh 
86400 5 Retry 
2419260; ‘Expire 
604808) —; Negative Cache TTL 
@ INNS nsl.example.org. 
@ INNS ns2.example.org. 
e INA 123,12,34.57 
wens INA 123,12,34.57 
msl INA 123,12.34.56 
ns? INA 9876.54.32 


Next, | edit named.conf and add a line to the 
configuration of example.org so that it will allow 
zone transfers from my DNS slave’ 


zone "exanple.org” ( 
type master 
File "/etc/bind/db.exanple.org": 
allow-transfer { 98.76.54.32; }: 
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Finally, | would install BIND on the second server, or 
if it already exists, all | would have to do is add a new 
entry at the end of the named.conf file to define the 
example.org zone and tell this server the IP address of 
the master: 


zone "example.org" { 
type slave 
file "/var/cache/bind/db.example.org": 
masters { 123.12.34.56: } 


Note that in this case the slave zone is being stored 
under /var/cache/bind. That's the default location for 
slave zone files under Debian-based systems. Under 
Red Hat, you would store them under /var/named/, 
Once | reload BIND on the slave server, it will pull the 
‘new zone information from the master, and | should 
be able to perform DNS queries against It 

Once you have set up a slave, keep in mind that 
anytime you make a change to the master, you will 
need to increment the Serial field in the Master's 
zone file (in my example, it is set to 2, but a lot of 
administrators like to set it to the current date plus 
two extra number fields, such as 2010120500) 
When the slave needs to know whether its zone 
information is up to date, it compares its serial 
number with the serial number on the master. If the 
master’s serial number for a zone is higher, it copies 
down the new zone information; otherwise, it sticks 
with what it has cached, 


Domain Registration 

(Once you have a functioning ONS server, all that’s left 
is to tell the world to use it. If you haven't already 
registered your domain with a registrar, find a domain 
registration service on the Internet (there are too 
many for me to list here, but a search for domain 
name registration should turn up plenty). When you 
register the domain, most registrars will let you use 
their own DNS servers for your domain, but you don’t 
need them! When you get to the point in the registration 
process where it asks you about your DNS servers, 
just give them the public IP address for your own DNS 
server (in my case, it would be ns1.example.org or 
123.12.34.56). Note that many registrars require you 
to have two DNS servers defined for a domain, so in 
that case, set up a slave DNS server and add its IP 
address as well. Once you complete the registration 
process and allow the new domain Information time 
to propagate around the Internet, you will have the 
ability make IP changes for your Web, mail and other 
servers all from your own machines m@ 
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The Business of Location 


wh ere The O'Reilly Where 2.0 Conference explores the intersection of location 
CONFERENCE technologies and trends in software development, business strategies, 
and marketing, The source for all things location-aware, Where 2.0 brings 
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NEW PRODUCTS 


Donald E. Knuth’s The Art of Computer 
Programming, Volumes 1-4A Box Set, 3rd 
ed. (Addison-Wesley) 


Donald €. Knuth’s monumental book series The Art of Computer Programming has deep roots. When 
the distinguished Stanford Professor Emeritus Knuth began putting his ideas to paper, John F. Kennedy 
was president, Don Draper was Madison Avenue's hottest ad man, and most of us were merely potential zygotes. 
Publisher Addison-Wesley says that the first three volumes of Art of Computer Programming are “widely recognized as the 

definitive description of classical computer science”. Practicing programmers have long applied his “cookbook” solutions to their day-to-day 
problems. Now comes the long-awaited fourth volume to compose a new four-volume set. The new volume 4 brings together definitive new 
coverage of broadword computation, combinatorial generation, fundamental combinatorial objects and other topics. Bill Gates has said that 
people wha read the entire set should send him their resumé. If you get that far, we imagine Linus would love to see it too! 


www.informit.com 


OpenERP 


The OpenERP open-source suite of comprehensive business 
applications recently bounded up to version 6.0. Open€RP's 
eponymous developer noted that a number of factors warranted 
the release’s designation, including advancement in simplicity and 
ease of deployment, the ability to build an ERP system at one’s own 
pace, greatly improved affordability and accessibility for companies 
of all sizes, and more than 800 contributions from its global 
community of open-source developers. Further, OpenERP v6 now Is 
available not only as an on-site version, but also as an SaaS platform, 
which the firm says “radically reduces the cost and complexity of 
an ERP deployment”. Some of the hundreds of additional new 
features include extended multicompany functionality marketing 
campaign management, simplified accounting interface, tracking of 
tickets for support and after-sales services, push and pulled logistics 
flows, talent acquisition and manufacturing scrap management. 


www.openerp.com 


Grammatech’s CodeSonar Grek oe 
The developers at Grammatech have released a fresh new @)eovesowan (srs a ee orto 
version 3.6 of CodeSonar, a source code analysis tool that a 

performs a whole-program, interprocedural analysis on code 4 
and identifies complex programming bugs. Version 3.6 adds 

two significant improvements, namely a significantly improved 

GUI, which streamlines developer interaction and boosts pro- 

ductivity, as well as a more efficient analysis engine, which can 

reduce analysis time on large cade bases, says GrammaTech, nC 

by up toa third. Grammatech also says that CodeSonar’s fates x 

unique strength is “its ability to identify far more program- Seacraion teen 

crashing defects and security vulnerabilities than competing Sekar 

static-analysis tools". Another advantage is CodeSonar’s new af ‘onl 

GUI that “enables developers to quickly digest key informa- CC Ti eee) 
tion, understand and identify the most important issues and eS SS eee 
prioritize fixes". CodeSonar runs on Linux, Solaris, Windows Sm He re 2138 mgs ey Hehe 

and Mac OS X operating systems and supports mast compilers. lunes take eyes = fos ches ee 
‘www.grammatech.com | a Te aa | 
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NEW PRODUCTS 


The Document Foundation’s 
LibreOffice 


The developers over at The Document Foundation are giddy about their new LibreOffice 
3.3, the fist stable release of this free, power-packed and open-source personal productivity 
suite for Linux, Windows and Macintosh. Based on and containing all features of 
OpenOffice.org, LibreOffice contains the Writer, Calc, Impress, Draw, Math and Base appl 
cations. Some of the many new features include compatibility with SVG files, improved 
ergonomics in Cale, and Microsoft Works and Lotus Word Pro document import fitters. The 
Document Foundation says it now has more than 100 developers working on LibreOffice 


wwwilibreoffice.org 


Bibble Labs’ Bibble Pro and Bibble Lite 


Bible Labs’ bills its new Bible Pro and Bibble Lite, both nudging up to version 5.2, as “an ambitious project to n’ 
revolutionize digital photographic workflow", streamlining it to run "at the speed of light”. The applications, 

according to Bible Labs, offer tools for photographic editing and organizing capabilities all at “blazing speed in a : 
sleek, modern interface”. Version 5.2 adds, among other things, support for 14 new RAW formats, including Nikon vv i 
1D3100, D700, P7000 and Panasonic LX5, GF2 and GH2, and includes significant improvements to the application's 
selective editing capability. Both Bible 5.2 Pro and Bibble 5.2 Lite are available for Linux, Windows and Mac OS. Es 
bibblelabs.com 


pile 5 pro ys 


TYAN’s $8225 Workstation Motherboard 


TYAN is targeting its newly released $8225 Workstation Motherboard at graphics workstation and 

personal supercomputing applications. The power-efficient $8225 supports two six-core AMD Opteron 
4100 series processors and up to four double-wide PCLE 2.0 GPGPU compute accelerators. Additional 
features include four 1-Gbit Ethernet ports, integrated support for IPMI 2.0, an optional LSI 2008 SAS 
controller, integrated audio, IEEE 1394a headers and TPM 1.2 support in an ATX 12° x 13° form factor, 


www.tyan.com 


Illumination Software Creator from Radical Breeze makes application 
development not only accessible to everyone but also “just plain fun”. Now 
in version 3.0, this cross-platform, 100% visual application creation suite 
allows even those with absolutely no programming experience to visually 
design and create their own software applications that run on a wide 
variety of platforms. This latest version adds support for native iPhone 
and iPad applications using the exact same projects that already build for 
‘Android, Flash and so on. Apps produced for iOS platforms by illumination 
Software Creator are able to be submitted to the iTunes App Store, Support 
for Windows Phone 7 applications is coming soon. tlumination Software 
Creator is available on on Linux, Windows and Mac OS X platforms. 
radicalbreeze.com 


Wwww.linuxjournal.com april 2011 | 35 


__ oy 


Fresh from the Labs 


Q4Wine—GUI Front End 
for Wine 
q4wine.brezblock.org.ua 
There have been plenty of GUI front 
ends for Wine aver the years, and to 
be honest, I've hated pretty much all 
of them. However, this one has turned 
me around, and | recommend it to 
you as well 

‘To quote the Web site: “QaWine is 
a Qt4 GUI for W.LIN.E. It will help you 
manage Wine prefixes and installed 
applications." Also according to the 
Web site, Q4Wine includes the following 
general features (and more): 


1m It can export the Qt colar theme into 
Wine color settings 


It can work with diferent Wine versions 
easily at the same time 


i It’s easy to create, delete and manage 
prefixes (WINEPREFLX) 


It’s easy to control Wine processes. 


1m It supports autostart icons 
It provides easy CD image use 


m You can extract icons from PE files 
(exe, all). 


It provides easy backup and restore for 
managed prefixes, 


It Includes Winetriks support 


Installation Binaries are provided 
for Debian, Ubuntu, Fedora, FreeBSD, 
Gentoo, openSUSE, openmamba and 
Slackware, as well as the usual source 
farball. For those running with the 
source, the documentation says you 
need the following libraries: 


fm sudo 
fm wine 
m >=sqlite 3.5.6 


wm >=which-2.19 


m >=icoutils-0.26.0 
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A key feature of Q4Wine is its Processes tab, which acts as a built-in system guard for misbehaving 
programs, but only for Wine-specific programs—simple, but very clever. 


14.4.0 


-sql-4.4.0 (note: qt-sql might have 
sqlite driver support) 


. gui-4.4.0 
m >=qt-core-4.4.0 
im >=qt-network-4.4.0 


t-dbus-4.4.0 


m wget 


FuselS0 js listed as an optional 
dependency, but | thoroughly recom- 
mend it. | also had to install qt4-qmake 
and libqt4-dev. 

Grab the latest tarball, extract it, open 
a terminal in the new folder, and enter the 
following commands 


$ mkdir build 
$ cd build 
$ cmake -DCMAKE_INSTALL_PREFIX=/usr 


$ make 


If your distro uses sudo: 
§ sudo make install 
IF your distro uses root: 


Ssu 
# make install 


To run the program, enter: 
$ gawine 


Usage Before you can begin using 
Q4Wine, you'll be taken through a 

first startup wizard. You'll be asked 
where the paths are for four Wine 
components, with the first three most 
likely filled in already, and the last, 

wine libs, empty, needing to be defined 
This was /usr/lib32/wine on my system, 
which is perhaps left empty for 32-/64- 
bit reasons? 

Next is a similar screen for System 
utils paths (which thankfully come pre- 
filled with defaults), followed by another 
page of settings also pre-filled, but feel 
free to tweak them if you know what 


the whole system. 


you're doing. Network settings are next, 
followed by a very important step: 2 
quick mount profile 

This allows you to mount or unmount 
without root privileges, and hopefully, it 
will let you eject a disc during multi-CD 
Installations. FuselSO was the default 
choice with my installation (although | 
deliberately chose to install FuselSO for 
‘this purpose), but those without it may 
choose from sudo or gui sudo. 


's real talent lies in letting you define Wine settings for one program without affecting 


Still under the Programs tab is a 
current prefixes list, which under my 
new installation was pretty spartan. | 
added a games folder by right-clicking 
in the left pane and then clicking New. 
This brings up a dialog box prompting 
you to enter a new directory name. 
Type in a name and click OK. 

Now that you have a new folder, 
click on this folder, and in the right 
pane, right-click and choose New. This 


in the drop-down box. This option is a 
piece of genius, as you don’t have to go 
into winecfg and pick different settings 
every time you run another program, 

Go into the Override DLL tab, and 
you can choose specific DLLs to override 
the default options, whether native or 
built-in. This option will be familiar 
to anyone who's done this in winecfg, 
but with the added benefit of applying 
a DLL override to just one program, 
without affecting the rest of your system. 

Back in the main screen, there's a 
Wine AppD8 tab. Those who are new 
to Wine may not realize there’s a vast, 
database on the Wine Web site of 
Windows applications and how well they 
run under Wine. The aging Web site and 
its database always has been somewhat 
cumbersome, but this tab lets you skip 
the middleman and search the database 
from within the Q4Wine itself. 

‘A fear of mine when it comes to GUI 
front ends js that you can't always ter- 
minate an errant program the way you 
can with a basic terminal. The QaWine 
team has been extremely canny in that 
they've included a Processes tab, where 
you have a system-monitor-style interface, 
bbut only with Wine-specific processes. 
This is a game-changer for me. 

Wine has many extensions based 


A fear of mine when it comes to GUI front ends is that you can’t always 
terminate an errant program the way you can with a basic terminal. 


Now that you're in the main GUI, 
look under the Setup tab. The Current 
prefix: drop-down box gives you the 
brilliant option of choosing between 
Wine versions if you have multiple 
versions installed, 

If you click on the Programs tab, 
you're presented with a series of default 
system programs, including wordpad, 
winecfg, explorer and so on. The impor- 
tant thing for me, however, was the 
eject program, which let me get 
through Valve's two-disc installation of 
The Orange Box, on which | previously 
got stuck on disc one (either | couldn't 
eject it before, or couldn't get disc two 
to read). So any Half-Life fans out there 
may want to give this a go if you've 
‘also been having trouble. 

Now, let's move on to actually 
adding programs, 


adds a new icon, but first brings up a 
window with a slew of options; this is 
where some of the clever stuff lies 

The first two sections are pretty 
basic: the General section is where 
you tell QaWine where the program 
is, and the Icon options is where you 
give the icon a name and description. 
Thankfully, the General section has a 
Browse button for both the program 
and working directory fields, which 
saves you from having to enter these 
paths manually. For those advanced 
Users who want to add some arguments 
to the command, a specific field is 
provided here 

One of my favorite parts is the 
Virtual desktop section at the bottom 
of this tab. Here you can choose whether 
‘to have no virtual desktop at all, or 
you can select from specific resolutions 


around it, but until now, they've mostly 
been obscure projects that one had to 
seek out. Q4Wine integrates the impor- 
tant extensions, and by the look of 
things, it will continue to integrate more 
of these projects and extensions as they 
emerge. | know that other GUIs have 
done this sort of thing in the past, but 
QaWine really has the best interface. 
I've been using Wine for about a 
decade now, and I've seen many GUIs 
come and go. Either they've been 
too rudimentary in their features and 
interface, or they've been slow and 
clunky, making one give up on the 
Whole process. Q4Wine is none of 
these. It's sleek, quick, intuitive and 
packed with features. I'll no longer 
stick to a terminal and do these things 
‘manually. In fact, | just made a Q4Wine 
desktop shortcut. I'm converted. 
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deheader—C Header 
Analysis 
www.catb.org/~esr/deheader 
Ina world of ever-expanding code, 
it’s easy to become sloppy, with lines 
of redundant code or inelegant 
coming into play. Thankfully 
pS up to the plate—a 
simple tool that can save coders 
great deal of time 

Accarding to the Web site: 
“deheader analyzes C and C++ 
files to determine which header 
inclusions can be removed while still 
allowing them to compile. This may 
result in substantial improvements in 
compilation time, especially on lar 
C++ projects; it also sometimes 
exposes dependencies and cohesions 
of which developers were unaware.” 

Installation and Usage As far 
as packages go, at the time of this 
writing, the only thing available 
was a source tarball, But, fear not. 
No compiling is necessary, and because there's no real mention of library require- 
ments, I'm guessing most distros will run it off the bat, assuming they have Python. 

Download the latest tarball from the Web site, extract it, and open a terminal 
in the new folder. Then, it's simply a case of running: 


deheader scans code for redundant header 
inclusions. Here's some output from the MPlayer 
Project, for instance. 


§ -Jdeheader path-of-files 


If the given path is a directory, deheader scans all the files within. Give it some time to 
process, and eventually alist of all the unnecessary headers appears on-screen. For instance, 
| chose to analyze the now ten-year-old MPlayer code, a project that would unavoidably 
have a lot of legacy code and loose ends simply from being around for such a long time. 


As you can see, deheader is a very simple-to-use 
program with an elegant design. 


y ly ddd a switch of -r, and the unnecessary 
headers are removed from the files. If you want to do some test compiling, use the 
n example, here's a command | ran against the MPlayer coi 


$ ./deheader -- ~/src/mplayer-export-2010-12-27/ 


Those are the basics; refer to the documentation for more information 

As you can see, deheader is a very simple-to-use program with an elegant design. 
This ideal of coding elegance is manifest in deheader’s results. It should save a great 
deal of compilation time and highlight coding foibles that likely would have remained 
unnoticed. Although it's still sitting around in tarball source form, hopefully it will 
make its way into distro repositories soon. 


John Knight sa 26-year-old drumming and climing-obsessed maniac from the wrk’ mos isolated ciy—Perth, Wester 
‘Australia, He can sual be found either buried in an Audacity screen or thrashing a kick-drum beyond recognition. 


Brewing something fresh, innovative or mind-bending? 


Send e-mail to newprojects@linuxjournal.com. 
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Projects 


at a Glance 


Razercfg 
bu3sch.de/joomla/index.php/ 
razer-nextgen-config-tool 


Fans of the hard-core gaming 
company, Razer, no doubt will 
want to look up this project. 
According to the Web site: “This is 
the next-generation Razer devioe 
configuration tool bringing the 
Razer gaming experience to the 
free, Open Source world. This 
utlty is supposed to replace the 
old deathaddercfg utility. The tool 
architecture is based on razerd, 
Which is a background demon 
doing all of the low-level privileged 
hardware accesses. The user 
interface tools are razerofg, a 
command-line took; and qrazerotg, 
a Qté-based graphical device 
configuration tool.” 


And, according to its Freshmeat 
entry: “Supported devices are the 
Razer DeathAdder mouse, the Razer 
Krait mouse, the Razer Lachesis 
mouse, the Razer Copperhead 
mouse and the Razer Naga mouse.” 


GAdmin-Antivirus 
freshmeat.net/projects/ 
gadmin-antivirus 


I've always been put off by Clam 
antivirus’s command-line interface 
(just don't get i), so a GUI front 
end would be brillant. Thankfully, 
it seems numerous front ends 
exist, and hopefully, | can cover 
one or two in the coming 
months. Details on this project, 
however, are scarce, although 
I'd like to try it anyway. 
According to its Freshmeat 
entry: “GAdmin-Antivirus is a 
fast-and-easy to use GTK+ front 
end for Clam antivirus. Multiple 
scan sets can be scheduled to run 
at specific times via cron. Each of 
these scan sets can contain multi- 
ple directories to be scanned.” 


REVIEW 


HARDWARE. 


D-Link’s Boxee Box 


How does the Boxee Box stack up as a living-room entertainment unit? SHAWN POWERS 


When it comes to software battles, the 
Open Source community has its fair share 
KDE vs. GNOME, vi vs. Emacs, Firefox vs. 
Chromium—there seems to be countless 
rivalries. In my house, one of the biggest 
rivalries is between XBMC and Boxee. This 
month, | take a laok at Boxee, specifically 
the Boxee Box from D-Link 

Although Boxee itself is a software 
package, competing with software 
like XBMC, Front Row, Plex, MythTV, 
GeeXboX and so on, the Boxee Box is a 
hardware device competing directly 
against things like the Roku, AppleTV 
and GoogleTV. When compared to the 
other hardware options out there, it 
really does shine. 


What's in the Box’s Box? 
The most noticeable physical feature of 
the Boxee Box is its odd melted-ice- 
cube shape (Figure 1). It looks like 
someone took a cube and put a corner 
of it on a hot surface to make it melt 
I'm sure it's very artsy, and I've read that 
it efficiently manages the cables in the 
rear. But for me, it annoyingly doesn’t 
stack anywhere in my entertainment 
center, | know creative-yet-impractical 
designs work well for some companies, 
but I’m of the opinion that square is 
good. I'm often called a square, and 
it works for me—but | digress. It's a 
design choice and really doesn’t affect 
my opinion that much 

In contrast to the Box's design, the 
remote control is a thing of beauty. It’s 
like the mullet of remote controls— 
business on the front and party on the 
back. The top side has a very simplistic 
button design (much like an Apple 
remote to be honest). The flip side 
of the remote has a complete qwerty 
keyboard. It's not something you'd want, 
to write the Great American Novel 
with, but it fares about as well as a 
cell-phone keyboard does (more on 
the keyboard later) 

‘As you can see on the back of the 
Boxee Box in Figure 3, this unit is 
designed for high-definition (HD) systems. 
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Figure 1. The Boxee Box is remarkably not 
boxy. It is shaped like a cube that someone 
‘modified with a belt sander. 


Figure 2. | love the idea of the double-sided 
remote. Apart from a few nagging issues, 
its perfect. 


Figure 3. The ports are easily accessible in 
spite of the weird angle. 


The only video output option is HDMI 
Thankfully, there are both optical and 
analog audio outputs to go along with 
the HM! audio, but if you have a television 
without HDMI support, you'll need to be 
creative with adapters and such. 

The unit also has some USB ports in 
the back and an SD card slot on the 
side—or perhaps the SD card slot is on 
the top. With the melted-ice-cube 


design, it's really hard to determine 
What's considered up. Add to that a 
wall-wart power supply, and you have 
the contents of the Boxee Box’s Box. 


Box Guts 

Because the Boxee Box is an appliance, 
the internal hardware isn’t really as 
important as what it does, but we're all 
geeks here, so this part is interesting if 
nothing else. Originally, the Boxee Box 
was going to use the NVIDIA Tegra2 for 
video playback. In a last-minute switch, 
however, the Boxee team went with the 
Intel CE 4100 and a PowerVR GPU. The 
Boxee team is confident with its decision, 
and as long as it performs well, the end 
user really doesn't interact with the guts 
anyway. The Box boasts 


1m Atom processor, at 1.2GHz. 
mi PowerVR SGX535 graphics processor 
11GB of RAM. 

11GB NAND Flash memory 

HDMI 1.3 (audio and video) 

1m S/PDIF optical audio. 

Composite (RCA) audio. 

1m Two USB ports, 

SDHC card slot 

@ 100Mbps Ethernet port 

m 802.11n Wii 

lm Two-sided RF remote control 

The Two-Faced Remote 

The remote that comes with the Boxee 
Box is really a perfect addition to an 
entertainment device into which you 
occasionally need to type. Those of us 


who have typed on the Nintendo Wii's 
on-screen keyboards fully understand 


how frustrating it can be to “type 
with nothing more than direction: 
eys or a pointing device. Although 
the idea behind the two-sided remote 
is brilliant, it does have its flaws. 

The simplicity of the top side mak 
for a simple browsing experience, 
but unfortunately, it's so simple (and 


symmetric), it's easy to grab upside 
down. When you grab the remate 
upside down, up becomes dow 


right becomes left, and because the 
remote uses RF instead of infrared, it 
doesn't m: 
the wrong way. When you press a 
button, it registers. There is a raised 
logo on one side of the remote, but 
it's not really clear which end is up on 
the logo either, so you have to look 
closely to tell which is up and which 
It’s not a terrible problem, 
but it’s annoying at times. 

The keyboard is rather nice for 
mething so small. t's not too bad 
‘0 hold, and the keys give enough 
feedback that you can tell you're 
'yping. The enter and arrow keys 


ter if the remote is 


isi 


Those familiar with the Boxee software will 
recognize the Boxee Box's interface right away. 


A review 


+ in obvious positions, so you hav 
look when you're typing. That's no 
big problem either, unless you happen 
to be in the dark. The keys don't have 


to a 


What do you watch most? 


Figure 4 This dialog box just sets up the default 
‘media the Boxee Box plays back. It doesn't 
hinder your ability to watch on-line content, 


any backlight, so typing in the dark is 
just about impossible. Because typing 
isn’t required for normal operation 

that's not a showstopper, but I'd like 
to see future versions have some sort of 
ination for the keyboard buttons. 


The Software 

Those familiar with the Boxee software 
will recognize the Boxee Box’s interface 
right away. There are a few big 
changes, but for the most part, it is 
ilar to the traditional Boxee experi- 
ence. I'm currently using the firmware 
released in mid-December 2010, which 
id welcome) 


makes some significant (ar 
hanges. The big different 
ality (apart from Wi-Fi working, which i 
did not for me out of the box) was a 
n how the Boxee Box displays 
media. Figure 4 shows the dialog box 


in function- 


Deploy. 


Full root access on your own virtual server for as little as $19.95/mo 


Scale. 


Multiple Linux distributions to choose from + Web-based deployment + Five geographically 
diverse data centers « Dedicated IP address « Premium bandwidth providers + 4 core SMP Xen 


instances + Out of band console access « Private back-end network for clustering + IP fé 


over 


support for high availability * Easily upgrade or add additional Linodes + Free managed DNS 


For more information visit www.linode.com or call us at 609-593-7103 


linode 


that appears on boot, asking how you 
prefer to view media. This question is a 
little confusing, as it doesn’t explain 
What difference your choice will make, 
but simply put, if you choose Local 
Media, the Boxee Box defaults to showing 
you media stored locally as opposed to 
Web content. You're still able to watch 
Web content, and it's not difficult to 
do so, but by default, Boxee paints to 
local media 

The interface is functional, but its 
not always intuitive or easy to navigate 
For example, it takes a series of clicks to 
get back to the home screen, with no 
apparent shortcut to get there quickly. 


Web streams are clear and watchable. 
(That is likely due to my beefy Internet 
connection, but the Boxee renders the 
Web streams well, so kudos.) 


Third-Party Software 
Boxee, and in turn the Boxee Box, has 
the ability to use “applications” in order 
to access other on-line services. These 
are almost identical to the Roku’s appli- 
cation system, if you are familiar with 
that. At the time of this writing, many 
applications exist that add value to the 
Boxee experience. Pandora Radio has a 
great interface, and many on-line sites, 
such as College Humor and Revision 3, 


The video playback for local media is stellar. 


The menu button doubles as a back 
button, but it isn’t labeled as such. Even 
with those frustrations, however, the 
menu system isn't difficult to figure out. 
have read other reviews claiming the 
Boxee Box menus are sluggish, but I've 
noticed that only when identifying 
media or making significant system 
preference changes. Usually the remote 
and interface are quite responsive 

The video playback for local media is 
stellar. In my 5T8 file server, | can’t find 
a single file that won't play. Playback of 
1080p MKV files is flawless, and even 


Local Media, 


Boxee always has handled local 
media in two ways. Users can 
access their filesystems directly and 
peruse their video collection folder 
by folder. Where Boxee really shines, 
however, is with its media library 
function. If files are named correctly 
(basically with the name of the 
movie and year), Boxee downloads 
genre information, cover art, ratings 
and other metadata. It's possible to 
browse your media collection like 
you'd look through movies at the 
rental store. Because Boxee 
downloads metadata, you even 
‘ean sort your collection to find that 
perfect popcorn companion. 


have applications that will guide you 
through their catalogs. Netflix and Hulu 
are glaringly absent. By the time this, 
goes to press, hopefully both on-line 
services will be available, but their 
absence makes the Boxee seem quite 
lacking, especially if you don’t have an. 
extensive library of local media, 
Firmware updates certainly will 
improve the Boxee Box as time goes on, 
but the application framework is where 
the magic could really happen. Third- 
party applications turned the Roku 
from a Nettlix-streaming device into 


Boxee Style 


Boxee makes your media collection look 
beautiful. The initial scanning takes a long 
time, but the cover art and metadata are 
really nice. 


Granted, the media scraper isn't perfect, but the Boxee Box gives you the ability 
to identify media it can't figure out automatically 
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a full-blown living-room entertainment 
unit. Because the Boxee does (or will do 
shortly) all the things the Roku can do, 

plus plays any local media you throw at 
it, its really positioned to be the perfect 
set-top box, 


al Thoughts 
The Boxee Box, like its software-only 
counterpart, Boxee, takes a different 
approach to media from XBMC. Where 
XBMC is fast, clean and elegant in its 
simplicity, Boxee does everything it can 
to immerse users into a multimedia uni- 
verse. XBMC plays media, whereas Boxee 
is an entertainment system. Even after 
taking the Boxee Box through its paces, 
I'm not convinced one is better than the 
other. They're just different. At $199, 

the Boxee Box is an affordable way to 
get an extremely robust media center. 
Although | have XBMC on a $199 nettop 
device, and it runs fine, the integration 
of specialized hardware is hard to beat. 
heartily recommend the Boxee Box for 
anyone considering an HD media center. 
Although the unit | reviewed didn’t have 
Netflix, Hulu or even VUDU, by the time 
you read this, it should have access to 
all three, which really will make Boxee 

a tough box to beat when it comes to 
home entertainment. 

My only recommendation before 
buying the Boxee Box is to download 
the Boxee software and see if you like 
its interface. Granted, the download- 
able version is aesthetically different 
from the Box's interface, but it’s a good 
way to see whether you are comfortable 
With the Boxee way of doing things. 
Some like it; some hate it. (See the 
Local Media, Boxee Style sidebar for 
alittle more information.) it’s free, so 
you can try it before you buy it. Check 
it out at www.boxee.tv a 


‘Shawn Powers isthe Associate Etor for Linu Journal Hes 
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Drup 


al 7: 


the Webchick 
behind the 
Wheel 


Katherine Druckman talks to 
Angela Byron about Drupal 7 
and managing a distributed 
open-source development team. 


KATHERINE DRUCKMAN 


Photos by Kris Krug 


in the Open Source community. She has been popular Web platform and CMS is the best version yet. We 


f ngela Byron is one of the most respected contributors has worked tirelessly to ensure that the latest release of the 


recognized for her efforts by Google, receiving _talked to Angie about her role as co-maintainer of Drupal 7 


the 2008 Google-O'Reilly Open Source Award for Best 


and about what it takes to manage such an important, 


Contributor. She's passionate about the Drupal Project and massive open-source project. 
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FEATURE Drupal 7: the Webchick behind the Wheel 


KD: You've had a very busy three years 
taking the lead as core maintainer on the 
newly released 7th version of Drupal. Tell 
Usa little more about what being the 
Drupal 7 core maintainer means. What 
does it entail? 

‘AB: Dries Buytaert is the Drupal 
Project's founder and project lead, also 
known as our Benevolent Dictator for Life. 
He holds the keys (as in commit access) to 
Drupal core. Each new release of Drupal, 
Dries also appoints one other person, 
called a co-maintainer, who is also given 
commit access and the responsibilty to 
help set the vision and direction of the 
release alongside him. 

Neil Drumm was the core co-maintainer 
in Drupal 5, and he prioritized usability 
improvements, including a graphical 
installer. Gabor Hojtsy was the core co- 
maintainer of Drupal 6, and he prioritized 
‘numerous internationalization improve- 
ments. In Drupal 7, | was selected. Things 


“code thaw” where we make our 
wildest dreams come true and add 
new features, break APIs and generally 
pursue world domination. 


m “code slush” where we focus on 
polishing the rough edges from code 
thaw, API consistency, UI cleanups 
and performance. 


m “code freeze" where the APIs get 
severely locked down, and bug 
fixes/stabilization is the name of 
the game. 


The intensity varies, and generally 
Whenever we have a major deadline (for 
‘example, a Drupalcon is coming up or a 
code freeze date is about to be declared), 
things heat up a lot. Most of our major 
features were introduced a week or so 
before one of those major deadlines. 

One of the most challenging things 


of those patches has to be reviewed and 
then committed by Dries or me. 

It’s both incredibly exciting and 
challenging to work in this environment. 
My favourite parts were forming battle 
plans and kicking around ideas on how ta 
make Drupal 7 the most amazing release 
possible, helping new contributors submit 
their first patch, seeing the community 
consciousness about things like usability, 
design and accessibility gradually evolve 
and accept their importance. The core 
contributors are amazing, smart, dedicated 
and passionate folks who pour their 
hearts and souls into Drupal, and I'm 
honored to work with them every day 
on IRC and the issue queues, 

However, this level of closeness also 
meant things also could get a bit personal 
sometimes. And when they did, it really, 
really hurt, because these folks are all my 
friends, and we have worked so closely 
together for years. There definitely were 


Image handling now is included out of the box without 
the need to download six or seven additional modules. 


| prioritized included usability, quality 
assurance, "developer experience” (API 
consistency and other things that make 
Drupal more enjoyable to work with), and 
making Drupal more accessible to designers, 
themers and people with disabilities. 

“On paper”, a core co-maintainer's 
responsibilty is to review and commit 
patches submitted by the core developers 
In practice, | found that 80% or so of my 
time was spent not doing that, but instead 
on more “human” endeavors: identifying 
people working in similar areas and 
encouraging them to work together, 
helping brainstorm architectural direction 
on certain patches, mediating heated 
arguments, helping new contributors 
get involved, promoting major initiatives 
and so on. So in some ways, it was a 
community management role, but with 
commit access thrown in. 

KD: Which part of the three years 
has been the most intense? | would guess 
these past few months, but then | wonder 
What the pattern has been over the course 
of working on this version. How was it at 
the beginning versus the middle and end? 

‘AB: Drupal’ release cycle goes in 
three phases: 
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was maintaining momentum after code 
‘thaw (aka the “fun” part) completed. 
People could no longer add their pet 
features; instead, the attention turned to 
“the slog” of bug fixes and incremental 
improvements. The number of core 
contributors died off significantly as 
they focused back on their contributed 
modules or other projects, and those 
who were left had to carry the pretty 
‘tremendous burden of taking us from 
some 150 critical issues down to zero 
so we could release 

KD: Drupal has a lot of core contributors. 
Its up to around 1,000 now, isn't it? 
Obviously a small number of those contribute 
the bulk of the code, but it's still an 
enormous group of people to coordinate. 
Can you tell us about that experience? 

‘AB: Yeah, the count from the commit 
logs was a litte less than 1,000, but that 
doesn’t include people who reported 
bugs, tested patches and so on. That 
number includes a set of maybe 50-75 
hard-core people who spend their lives, 
in the Drupal core queue daily and then 
an enormously long tail of others who 
contribute only a handful of patches 
‘And, bear in mind that every single one 


days when | needed to step away from 
the computer for a few hours and get 
some perspective, and even considered 
throwing in the towel altogether more 
than once. 

On the whole though, the experience 
was absolutely amazing. I'm infinitely 
proud of the team and what we've 
managed to accomplish with Drupal 7. 

KD: What can you tell us about the 
decision-making processes involved in 
developing and maintaining this sort of 
a project? How do you collectively decide 
‘on a course of action or the best approach 
to a problem? Programmers can be 
married to their ideologies. How do you 
deal with that? 

‘AB: Drupal is very much a consensus- 
based community. Problems are identified, 
solutions proposed, code written and then 
discussed among at least two but possibly 
dozens or hundreds of people. No change, 
big or small, makes it into the upstream 
code unless it has been marked “reviewed 
& tested by the community”, which means 
at least one other person has looked at it 
and given it a nod of approval. This is a 
great “community engineering” strategy, 
because it ensures better quality code 


and encourages developers to be civil 
to each other so they can find reviewers 
for their patches. 

There's typically very little content 
around straightforward bug fixes. On 
some of the more esoteric or architecturally 
facing issues, however, lots of people start 
throwing around opinions on approaches, 
and sometimes heated ones 

In my role as core maintainer, the 
best thing | could do in those situations 
usually was simply monitor the discussion 
carefully, but keep mostly quiet except 
when things escalated to personal 
attacks. In almost all cases, if developers 
are given free reign to hash things out 
among themselves, they're able to come 
to a mutual resolution without any 
intervention. It's important that this 
happen most of the time, in order to 
build camaraderie and respect among 
the development team. 

Occasionally, however, a stalemate 
was reached and intervention by a core 
maintainer was needed. In this situation, 
I normally try to take the folks aside in 
IRC and see if we can hash out their 
differences together. Oftentimes a heated 
discussion on the issue queue dragging 
on for days can be settled in minutes 
When both parties are brought together 
with a mediator. | try to summarize the 
opposing views and explain what is good 
about each perspective in an attempt to 
disarm some of the defensiveness that 
might be brought into such a meeting 
Neither person's idea is “wrong”; they 
both have pros, but we need to come 
to the right decision that might be some 
mixture of both 

In cases where we weren't able to 
come to resolution, I'd post my best 
attempt at a mutually agreeable solution 
This actually very rarely was the actual 
solution we went with, but it had a way 
of “resetting” the conversation to be 
around a new suggestion rather than 
the old ones, which usually helped 
everyone play nicely again—usually. On 
the whole, | just tried to remind people 
that we're all here to make Drupal 
better, even that stubborn git who can't 
see your point of view yet 

KD: What excites you most about 
Drupal 7? Do you think Drupal 7 improve- 
‘ments will increase Drupal adoption? 

AB: Feature-wise, its hard to pick— 
there were so many things we added to 
Drupal 7—but I'd say overall it comes 
down to the following things: 


in 


Image handling now is included out of 
the box without the need to download 
six or seven additional modules. This is 
huge for adoption, at least for people 
who want something other than tes 
on their Web sites, who apparently 
exist. It also brought with it a host of 
improvements with our native file API, 
which has interesting implications for 
extending Drupal for use as a document 
management system 


The new database abstraction layer 
has a lot of people really excited. Both 
‘from its support of new features, such 
as transactions, and support for more 
database back ends, but also its new 
object-oriented syntax. Basically, 
everything that ever sucked about 
our database abstraction layer has 
been fixed in Drupal 7 


The new entity and field paradigm is 
an important shift in the Drupal Project. 
In the past, Drupal was very “content- 
oriented”, and lots of features were 
developed that would extend “nodes” 
or pieces of content in the system. This 


resulted in a lot of people trying to 
shoehorn things that weren't actually 
nodes (such as users, comments and so 
(on) into nodes so they could benefit 
from these features. In the future, 
these same features will be developed 
as fields, which then can be used 
actos any entity in the system—users, 
comments, content, taxonomy terms 
and more. 


The automated testing framework and 
more than 30,000 tests we added to 
Drupal 7 has had profound effects on 
‘our community development process. 
We know instantly if any patch in the 
issue queue works or breaks existing 
tests. We are free to refactor subsys- 
tems knowing we didn't break any 

of the existing functionality, and the 
“test-driven development” mindset 

is slowly working its way into our 
development community's conscious- 
ness as a best practice 


Overall, 'm simply thrilled with the 
amount of diversity in the core develop- 
‘ment team now as compared to the last 
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FEATURE Drupal 7: the Webchick behind the Wheel 


release. We have an accessibility team, 
a usability team, a markup and design 

team, and a documentation team dedi- 
cated to improving the core in ways that 
go beyond the code. My hope is that 

the leadership shown by early pioneers 
in these fields will open the floodgates 
for new contributors in the Drupal 8 pro- 
cess, and that Drupal 8 improves upon 
Drupal 7 in all of these areas and more. 


KD: | have played with Drupal 7 quite 
a bit, but | can’t say I've really put it to 
full use yet, and | keep hearing about haw 
much more usable it is. How much do you 
think this will affect the Drupal learning 
curve? 

‘AB: Usability was something that saw 
tremendous attention during the Drupal 7 
release cycle, and we saw a radical trans- 
formation in the culture of the Drupal 
development community and how seriously 
this barrier of entry was treated 


about fixing many of the problems identi- 
fied in testing, and they fixed a number of 
important and obvious problems in the 
existing Ul. Additionally, Acquia funded 
Mark Boulton and Leisa Reichelt, a design 
and usability expert, to take a holistic view 
of the Drupal administrative experience 
and make more wide-sweeping changes, 
in a community-driven, collaborative usabil- 
ity experiment called D7UX. Both initiatives 
worked in tandem to provide Drupal 7 
with a new administration theme; a set of 
common administration patterns, such as 
a toolbar and contextual links; and a task- 
based administrative information architec 
ture. We haven't yet been able to test 
formally how the usability work we did in 
Drupal 7 improved the situation over the 
results we saw with Drupal 6, but preliminary 
feedback from the broader community has 
been pretty awesome, 

This usability work doesn’t fully address 
the dreaded * 


isn’t additionally overburdened with 
read requests, which can be routed 
instead to read-only slave databases. 


1m Reverse-proxy support—a reverse proxy, 
such as Varnish or Pound, can greatly 
speed up Web site access by caching 
copies of pages and then intercepting 
requests to serve them, saving the Web 
server from having to handle page 
requests directly. Drupal’s settings. php 
configuration file now contains directives 
to enable reverse-proxy support 


@ Support for content delivery networks 
(CDNs)—services exist for caching 
static files, such as images, CSS and 
JS, across multiple geographically 
distributed computers, which then 
can be served to visitors more quickly 
than a round-trip to the Web server 
Where Drupal is stored. By invoking 
hook_file_url_alter(), modules can 


For folks coming from other CMSes, such as WordPress 
or Joomla, the biggest hurdle to getting started with 

Drupal is often the “LEGO block” approach Drupal takes 
to building sites with modules. 


Just after Drupal 6 was released in 
February 2008, Dries, myself and several 
other major contributors went to the 
University of Minnesota (yes, Minneapolis, 
in February—that's how much we love 
Drupal) to perform our projects first 
formalized usability study. We were given 
a room with one-way glass, tools like 
eye-tracking software to tell where people 
were looking on the screen, and the 
University found several participants who 
had previous Web develonment experi- 
ence with tools like WordPress, Movable 
Type and Dreamweaver but not with 
Drupal. In other words, people in our 
project’ direct target audience 

The results were absolutely shocking 
and completely transformed the way | 
look at Drupal. We found that participants 
were completely lost as to whether they 
were on the front end or back end of their 
Web sites. They were unable to find majar 
administrative sections in order to perform 
basic tasks. They were mystified by Drupal 
jargon, and on and on. 

‘A usability team was formed who set 
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There still are an awful lot of things you 
need to know in order to be a successful 
Drupal site builder, ike what modules you, 
should use for what and what the heck 
weird words like “taxonomy” and “node” 
mean. However, Drupal 7 hopefully should 
require a lot less customization from site 
bullders to put it in front of their clients 
and give them a better leg up on answer- 
ing the question, "Great. | have 2 Drupal 
site installed...now what?" 

KD: It's supposed to be more scalable 
too. Can you tell us how? 

‘AB: A number of new features in 
Drupal 7 help with the situation where 
your site needs to accommodate huge 
blitzes of additional traffic, assuring all 
visitors of a speedy experience 


@ Master/slave replication support in the 
database abstraction layer—database 
writes are slower than database reads, 
and reads happen way more often. A 
master/slave setup allows you to sepa- 
rate reads from writes, so that the main 
database storing all the information 


re-route requests from Drupal's files 
directory to services, such as Akamai 
or Amazon CloudFront, 


There's a high-performance distribu- 
tion of Drupal 6 core called Pressflow 
(ptessflow.org) from which a lat of these 
scalability improvements originated. 

KD: For aur readers who are more 
comfortable with WordPress, Joomla or 
even platforms like Ruby on Rails and 
Django, what do they need to know 
about Drupal, and in particular Drupal 7, 
in order to have the best experience 
getting started? 

‘AB: For folks coming from other 
CMSes, such as WordPress or Joomla, 
the biggest hurdle to getting started with 
Drupal is often the "LEGO black” approach 
Drupal takes to building sites with mod- 
ules. It common in other CMSes that if 
you want to add a photo gallery to your 
site, you simply search for a photo gallery 
extension and choose from a list of prebuilt 
all-in-one options. 

In Drupal, however, the trend in 


‘modules is more toward small, generic, re-usable components that 
can be combined and mixed and matched in lots of various ways 
There's not much in the way of off-the-shelf photo gallery modules 
for Drupal. Building 2 photo gallery in Drupal typically involves, 
creating a content type to provide a data entry form for images, 
adding an image field in order to upload photos to the content 
type, creating a view of photo images, and so on. Although more 
elbow grease is required at the outset, the advantage is that the 
photo gallery you end up with can behave exactly as you want 
‘And, the same module that provides an image field for photo gal- 
leries also can be re-used to provide album covers and user avatars, 
while the same module that provides a photo gallery view can be 
sed to create event calendars, RSS feeds and other types of listing 
pages. This level of customization and re-usability is what attracts 
people to Drupal, but it definitely requires a tinkerer’s mindset. 

For folks coming from frameworks, such as Django or Ruby on 
Rails, the main thing to realize about Drupal is that it's more of 2 
“framlication” than a pure framework. Drupal provides ample APIs 
for dealing with file handling, session management, international- 
ization and so on, and it also provides a “hook” system from 
which Drupal’s base behavior can be extended. However, it also 
makes some base assumptions that what you're building is a 
Web-based application tracking things like users and content, The 
advantage of this is you don’t need to recode a new login system 
every time you build a site on Drupal; this type of low-level 
functionality is provided for you in an extensible way. But, it does 
mean if you don’t agree with some of the base assumptions 
Drupal makes, you'll need to spend a bit of effort developing a 
module to alter behavior you want to change. The best advice 
| probably could give to folks coming from more traditional Web 
frameworks is to take the time to explore what Drupal can 
do without writing a line of code, which is fairly substantial. 
Then, learn the extension mechanisms Drupal provides—hooks, 
the theme system, the localization layer and so on—to make 
customizations in a forward-portable way. 

KD: You've worked on some major, large-scale Drupal projects, 
and Drupal was also selected as the platform for Whitehouse. gow. 
What about Drupal lends itself to those types of sites? 

‘AB: | think Drupal hits a sweet spot in that its free, open source 
and an extremely capable framework that’s constantly evolving. It can 
be highly customized to particular use cases, and it has an ever- 
growing community with a lot of expertise. Many of the enterprise- 
level clients we work with move to Drupal from less-capable, 
proprietary CMSes that have thousands or even hundreds of 
thousands of dollars per year in licensing fees, with bugs they can’t 
fix themselves because they're beholden to a vendor's schedule. So 
the idea of moving to something they can be trained on internally 
or hire outside expertise to implement quickly is very appealing m= 
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Drupal for 
People Who 
Hate Mice 


Read on for more about this 
command-line shell and 
scripting interface for Drupal. 


James Walker 


uring its ten-year rise to prominence, Drupal Even for those of you proficient with your 

dramatically has changed the way people us ointing devices, there still are times when you 

it to build Web sites. Without needing to just can’t beat the elegant power of the command 
write a single line of code, Drupal users are able to build line. As Linux users, you have all experienced the 
complex, custom Web sites through the point-and-click sheer joy of a simple shell script to automate 
Web interface. The problem is | hate Web interfaces repetitive tasks (and if you haven't, why not?). 

e fair, the rise of keyboard shortcuts in modern _—There is a long list of scenarios where using 

Web applications has made them far more comfortable _Drupal’s Web interface is either inefficient or 


for me, but | don’t like mice (and don't even get me inconvenient, but the truth is, for most Web 


started on trackpads). | am a keyboard kind of guy; developers and sysadmins, the command line is 


hands on home row make me happy. a comfortable place. 
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Enter Drush 
Drush (DRUpal SHell) is a command-line shell and scripting 
interface for Drupal, a veritable Swiss Army knife designed to 
life easier for those of us who spend some of our working 
hours hacking away at the command prompt 

Drush began several years ago as a project to provide a command- 
interface to Drupal. Although somewhat limited in its early 
utility, Drush has matured to became an essential tool for many 
Drupal developers and administrators (myself included). 

The current version, 4.1, brings a ton of great new built-in 
commands, plenty of internal cleanup and better support for Drupal 7. 
Arguably more exciting, however, is the growth of add-ons and exten- 
sions for Drush. Although not a traditional Drupal module, Drush is 
highly extensible via its own API, A large number of existing Drupal 
‘modules now include Drush commands in their official releases. 


Getting Started 
initial versions of Drush required a working Drupal installation 
prior to installing Drush. Since version 2, however, Drush hi 
become Drupal-version-independent, You don't need a working 

Drupal site to install Drush. In fact, as you will see shortly, you 

can use Drush to install your Drupal site full. 

Installing Drush on Debian/Ubuntu systems is as simple as 
running apt-get install drush. However, the current stable 
Debian/Ubuntu versions include packages for Drush 3. To get the 
atest and greatest, or if you're on a system without a Drush 
package, you need to go through a few extra steps: 


1. Make sure you have a working version of PHP CLI. This generally 
can be accomplished by installing the php5-cli package on 
your system. 


Download Drush from drupal.org/project/drush (| am currently 
using the “All-versions-4.1" release). Extract the downloaded 
package (.2ip or tar.gz) and place it where you won't lose it. | 
typically place Drush in ~Aocal/drush on my development machines 
and /usr/locaVdrush on servers, but the location is flexible. 


3. Get the drush command into your $PATH. You can make this hap- 
pen in several ways. Drush includes a shell script (called drush) that 
tries to determine the "best" PHP interpreter to use and runs the 
drush.php PHP script. | typically symlink this script into a directory 
already in my $PATH (In -s /usr/Local/drush/drush 
/usr/Local/bin/drush). Alternatively, you can add the path of 
your Drush install to your $PATH or provide your own shell alias to 
the PHP script itself. See the included READIME. tt fie for full details 


to 
status in your terminal and see output som 


est your new Drush instal, you should be able to run drush 
ing ike this 


PAP configuration /etc/php5/cli/php. ini 
Drush version 4. 

Drush configuration 

Drush alias files 


lf that worked, it time to let the real fun begin! 
Look, Ma! No Mouse! 


Although Drush works without an existing Drupal installation, it is 
certainly much more fun with one around. in fact, one of the most 


fun uses of Drush is to install new Drupal sites, Normally this process 
‘would include something like: browse to drupal.org, click Get 
Started, then click Download Drupal, then click to download the 
ile. Extract that package into your Web server's document root. 
Create a database for your new Drupal site. Browse to your new 
Drupal install (that is, httpy/localhost/drupal) where you will be tossed 
into the installer. Begin clicking your way through the installer (wh 
you'll Ikely be asked to chmod your settings fle), and after seven or 
more screens, you'll have a working Drupal install. Of course, chances, 
good that from here you'll go on to download a handful of 
modules (again, browsing drupal.org and extracting zip files) and 
clicking through the interface to turn them on and configure them. 

Phew, that's a lot of clicking! 

Okay, its not so bad when you are installing your first Drupal 
fe, but it takes a lot of time with your mouse, and if you install 
(or re-install) Drupal sites a lot, it can become tedious. Let's look 
that process with Drush 


ir Web serve 


1. Change into t directory (ed. /var / ww) 


2. Run drush dl drupal-7.@. This downloads Drupal 7.0 from 
drupal.org and extracts the files into /varwww/drupal-7.0. 


3. Change inta the newly created directory (cd /var/wnw/ 
drupal-7.0) and run the site-install command: 
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rush site-install --db-urlenysql://root -secret@Locathast/drupal 

Answer “y" to the following prompt, and in a few short moments, 
you'll have a working Drupal install (using the “crupal” database on, 
localhost). To verify, you can browse to httpy/localhost/drupal-7.0/ and 
log in using admin/admin as the user name/password, respectively. The 
site-install command has several additional options; run drush help 
site-instal for full detalls 

What if you need a handful of Drupal-contributed modules 
for your site (as most people do)? Don't reach for your mouse 
yet! Let's grab “views” and “devel” while we're here (still in 
our Drupal directory): 


drush dl ctools views devel 
drush en views views_ui devel 


(Note that ctools is a required dependency for Views in Drupal 7.) 

The Drush dl command (a shortcut for pm-download) is very 
clever about how it downloads the modules and where it places 
the extracted folders. By default, it grabs the tar.gz file from 
drupal.org and places folders inside the sites/all/modules directory, 
but you have full control (including using CVS checkouts or where 
the folders belong). See drush help dl for full details. 

As with most tools, people develop their own habits with 
Drush, but here are a few built-in commands you are likely to 
appreciate (at least in time): 


Mi drush cc (or cache-clear): Drupal developers learn early on to 
clear the cache” while developing, because Drupal aggressively 
caches its more complex internal data structures. Chances are 
good that if you're writing code, you have a terminal window 
nearby, and running drush cc all will ensure that when 
you check your latest work in the browser, you'll accurately 
see the most recent chan 


ME drush cron: the Drupal installation guide (INSTALL ba) recom- 
rmends running Drupal’s periodic maintenance tasks by adding a 
crontab entry that uses wet to fetch httpy/lexample.conv/cron.php 
periodically. In Drupal 7, this now requires a generated “cron_key’ 
parameter as part of the URL to inhibit nefarious requests. Using 
Drush eliminates the need for the key and avoids tying up a Wel 
server process to do periodic maintenance. 


ME drush up (or pm-update): this command checks drupal.org for 
new releases for all installed modules and offers to download 
all updates and run the database upgrades for you. it even 
handles that pesky, easily forgotten “backup first” step. 


Running drush help in your Drupal directory always will give 
you the list of currently available commands (based on madules 
installed and so forth). For more information on each command, 
tun drush help <command> 


The Power of Aliases 

You may have noticed that we ran our drush commands above from 
inside the Drupal install directory. This allows Drush to determine 
which Drupal site (and configuration options) to use. However, for 
those looking for a bit more freedam and particulary those working 
within Drupal “multi-site” environments, you need to make use of 
the -root and —uri switches for Drush. This can lead to a lot of 
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itive typing. if you have only a single Drupal site, you can specify 
these options (and lots more) by creating a .drushrc.php file in your 
home directory. See the example.drushrc.php file in the examples 
folder of your Drush installation for more detail 

For those of you who work on several Drupal sites across 
various versions and installations, Drush provides an “alias 
mechanism to define the common parameters. To create an alias 
for this example site here, you can create a file 
~/.<rush/aliases.drushrc.php containing the following PHP code 


sa 


‘ases['example'] = array( 
root! => '/var/waw/exanple/ drupal 


urit => ‘example.com 


Now you can run drush commands for your example site from any 
directory using drush @example <command> (for example, drush 
sxanple status). To make things even better, aliases can reference 
remote sites (accessible via SSH) by including the remote-host and 
remote-user options. See the example aliases drushre.php fle from the 
‘examples folder in your Drush install directory for full details 


The Sky Is the it 

With each new release, Drush includes more commands, and Drupal 
modules are increasingly offering Drush commands with their releases. 
if that’s not enough (and you aren't afraid of writing some PHP), you 
‘an write your own Drush commands. The examples folder in your 
Drush instal includes a sample command, make-me-a-sandwich 
(XKCD fans rejoice!) for those interested in learning more. 

One of the greatest testaments to the power of Drush is 
the Aegir Hosting Platform (see Resources), which provides a 
mass-hosting environment (with support for multiserver installations) 
Although it includes a Web interface, Aegir does all of its heavy 
lifting via custom Drush commands. 

If you work with Drupal and hate using your mouse (or prefer 
your terminal), Drush can save you countless hours of clicking and 
yen a whole new world of scripted Drupal tasks. 


James Walker is a longtime Drupl developer consultant trainer and advocate. He isa co-author 
cof the O'Reily book Using Drupal and aften canbe found speaking at Drupal conferences and 
evens, Find him on-line a “waka” or via waka net. 


Resources 


Download Drush 4: drupal.org/project/drush 


Handy On-Line Reference (for those who still prefer Web 
pages): drush.ws 


Modules That Already Include Drush Support: 
drupal.org/project/modules?filters=tid:4654 


Drush Aliases: developmentseed.org/blog/2010/mar/ 
10/drush-30-more-powerful-flexible-and-magical 


For Shell Completion Junkies: drupal.org/node/437568 


‘Aegir for Mass-Hosting Drupal: www.aegirproject.org 


2011 High Performance Computing Financial Markets — Plan to attend. 
Two successful Wall Street events — April 4 and Sept 19, Roosevelt Hotel, NY 


2011 8TH ANNUAL HIGH PERFORMANCE LINUX 
FINANCIAL MARKETS show and conference 
Apri 4, 2011 (Monpay) Roosevett Hotet, NYC 


Madison Ave and 45th St, next to Grand Central Staion 


8TH ANNUAL HIGH PERFORMANCE COMPUTING 
FINANCIAL MARKETS show and Conference 
SEPTEMBER 19, 2011 (MonDaY) ROosEvELT HoTEL, NYC 


Madison Ave and 45th St, next to Grand Central Station 


The 2011 High Performance Computing Wall Street Shows will 
assemble 800 -1,000 Wall Street professionals at the convenient and 
affordable Roosevelt Hotel, April 4 and September 19. 


Plan to be there. See live demonstrations of speed, low latency, network solu- 
tions, data storage solutions and where to reduce costs for your tight budgets 


The 2011 8th Annual High Performance Computing Linux, April 4, 
Monday, Roosevelt Hotel will focus on High Performance Computing, Low 
Latency, Linux and Open Source, Virtualization, Cloud, Grid, Blade, Cluster, 
Ultra High Speed Networking and HPC Data Center Solutions for Wall Street. 


The 2011 8th Annual High Performance Computing, Sept 19, Monday, 
Roosevelt Hotel will assemble IT professionals and Wall street business 
managers to see the latest trends in High Performance Computing, Low 
Latency, Virtualization, Cloud, Linux, Grid, Blade, ClusterUttra High Speed Net- 
working and HPC Data Center Solutions for Wall Street. 


“The show fioor was packed with WallStreet solutions including 
HPC, low latency, storage and data center hot new products." 


The Roosevelt Hotel is convenient. A short walk from most midtown offices. 
Plan to attend. Show is Free. 8-4 pm, but you must register in advance to receive 
your free show badge. 


Conference program 8:30-4:50 pm with Plenary Sessions, Drilldown Sessions, 
a Wall Street luncheon, handouts and more at $295. Save $100. $395 on site. 
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SIMPLICITY AND 
PERFORMANCE: 
JavaScript 


on the 


The award for the hottest new server Web development language goes to. 


Server 


JavaScript! 


JavaScript, language of the browser since the early days, is the hottest language for server-side 
development. See why JavaScript is the language for developing quick, easy and incredibly 
powerful server-side applications. 


Avi Deitcher 


Fux: Douglas Crockford, the high priest of JavaScript (5), has 
claimed that itis a powerful, flexible language suited to a multi- 
tude of tasks, especially if you can separate it from the ualy browser 
side piece that is the Document Object Model, or DOM. Because of 
the browser, JavaScrint is the most popular programing language 
around by number of users. Job sites dice.com and manstercom post 
more jobs for JavaScript than any other language, except Java. Of 
course, if JavaScript runs in a browser, or anywhere, it must have an 
engine. Those engines have been around since the earliest /S-capable 
browsers, and they have been available as separate standalone entities 
for several years. Thus, the potential for running JS on its own always 
has been available. However, JavaScript always has missed two citical 
‘elements to make it worthwhile to run on the server side. 


FREE TRADE AGREEMENT 
The first missing piece was a common set of libraries. Quite simply, 
because JS was 50 focused on the browser, it was missing basic VO 
libraries, such as file reading and writing, network port creation 
and listening, and other elements that can be found in any decent 
standalone language. Ruby includes them natively; Java includes 
them in its java.io and java.net packages. For JavaScript, running 
alone when all you can do is process text and data structures, but 
not communicate with the outside world, was rather useless. Over 
the years, several attempts have been made to make some form of 
JS VO and Net packages, mostly wrapped around native C calls, if the 
JS engine was written in C, such as SpiderMonkey, or java.io, and 
java net calls, ifthe JS engine was written in Java, for example, Rhino. 

This began to change in early 2009 with the creation of 
the Commanis Project (which, for some mystical reason, 
stands for Common JavaScript), which unified these efforts 
under a common namespace, with JS-specific semantics and 
included a package-inclusion system to boot. 

Using Rhino as an example, you could read from a file using) 
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GefineClass ("File"): 

var f = new File("ayfite.txt™), Line 

white ((Line = f.readLine()) 1== null) 
1) do some processing 


) 


J] this example slightly modified and simplified 
// from the Mozilla Rhino site 


‘As you can see, this is not file pracessing in JavaScript; it is 
file processing in Javal All| have done is opened the Java API to 
JavaScript. tt is great if you really intend to program in Java, but 
it’s of limited help if you are trying to do pure JS, and especially if 
your engine is not Java-based. 

With CommonJs, there emerged a standard JavaScript-native 
interface to include a package, for example an VO package or 
http package, and define many of the standard functionalities. 
Under the covers, the implementation may be C, Java, Erlang or 
Gobbledygook. All that matters is that the interface to the developer 
is platform-agnostic and portable from one interpreter to anther 


THE MISSING NODE 
The second missing piece was a server, similar either to 
‘Tomcat/Jetty for Java or Mongrel/Thin for Ruby, that provides a 
real environment, includes the necessary modules and is easy to 
Use. Most important, it needed to take advantage of JavaScript’s 
strengths, rather than attempt to copy a system that works for 
Java or Ruby. The real breakthrough was Ryan Dahl's Node.JS. 
Ryan combined Google's highly performant V8 engine, JavaScripts 
natural asynchronous semantics, a module system and the basic 
modules to create a server that suits JavaScript to a tee 

Most Web servers have a primary process that receives each 
new request. It then either forks a new process to handle the 


specific request, while the parent listens for more requests, or 
creates a new thread to do the same, essentially the same method if 
somewhat more efficient. The problem with processes or threads 
is threefold. First, they require significant resource usage (memory 
and CPU) for a small amount of differing code. Second, these 
threads often will block on various activities, such as filesystem or 
network access, tying up precious resources. Finally, threads and 
processes require context switches in the CPU. As good as modern 
operating systems are, context switches stil are expensive. 

The alternative, gaining in popularity, is event-driven, asynchronous 
callbacks. In an event model, everything runs in one thread. However, 
each request does not have its own thread. Rather, each request 
has a callback that is invoked when an event—like a new connection 
request—occurs. Several products already take advantage of the 
event-driven model. Nginx is a Web server with similar CPU utilization 
characteristics to dominant Apache, but with constant memory 
usage, no matter how many simultaneous requests it serves. The 
same model has been taken to Ruby using EventMachine. 

‘As anyone who has programmed in JavaScript, and especially 
in asynchronous AJAX, knows, JS is extremely well suited to event- 
driven programming. Node.JS brilliantly combines packaging and 
an asynchronous event-driven model with a first-rate JS engine to 
create an incredibly lightweight, easy-to-use yet powerful server- 
side engine, Node has been in existence for less than two years 
and was first released to the world at large only at the end of May 
2008, yet it has seen widespread adoption and has served as a 
catalyst for many other frameworks and projects. Quite simply, 
Node changes the way we write high-performance server-side 
nodes (pun intended) and opens up a whole new vista 

The rest of this article explores installing Node and creating two 
sample applications, One is the classic “hello world”, a starting 
point for every programming example, and the other is a simple 
static file Web server. More complex applications, Node-based 
development frameworks, package managers for Node, available 
hosting environments and how to host your own Node environment, 
will be subjects for future articles. 


INSTALLING NODE 
Node wail install on almost any platform, but itis ideally suited to 
LUND(lke environments, such as Linux, UNIX and Mac OS X. It can 
be installed on Windows, using Cygwin, but it is not as easy as the 
ther platforms and there are plenty of gotchas. Like most serverside 
packages, if you want to do anything serious, do it on UNIXLinuvBSD. 

On Linux or UNIX, installation follows typical UNIX program 
installation: download, configure, make, make install 

First, download the latest package. At the time of this writing, the 
latest unstable version is 0.3.2, and the latest stable is 0.2.5. | recom 
mend moving toward 0.3+ as soon as possible. Don't be fooled by 
the low version numbers; plenty of production sites are using Node 
right now for at least part of their environment, including github.com, 

You can download the tarball directly from nodejs.org, or 
lone the github repository, my preferred method. If you don’t 
have git installed already, do so via your preferred package man- 
ager or directly. Before you get started, make sure you have the 
prerequisites. Although | could include them here, the details of 
building git are beyond the scape of this article. 

On Mac OS X 


# install XCode from the Apple developer Web site 
5 brew install git 


(On Linux or similar with the apt packaging system: 


$ sudo apt-get install grt curl Libssl-dev apache2-utils 
$ sudo apt-get install git-core 


Now, you are ready to download, compile and install Node 
First, you need to cd to the appropriate directory. At that point, 
clone the git repository: 


$ git clone git://github.com/ry/node. git 
# if you have problems with git protocol 
$ git clone nttp://github.com/ry/node.git 


http works fine 


Next, make sure you are in the right version. Because git clones 
the entire repository, make sure you switch to the correct version: 


5 cd node 
§ git checkout <version> 

# version can be whichever you want. 

# but I recommend v0.3.2 as of this writing 


Then, run configure. As usual, configure will check whether 
you have all of the prerequisites installed. Configure also will deter- 
mine where to install Node when itis ready. Unless you are working 
‘on a production machine, | highly recommend installing Node in a 
local writable repository under your home directory, such as ~/local. 
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Installing git in the default /usrlocaVbir/ leads to all sorts of interesting 
permission issues when installing packages and running everything as 
sudo during installs. Unless it is going to be shared among everyone 
and used in production, installation makes a lot more sense in your 
‘own directory. It is also quite small. The entire installation on my 
laptop, including binaries, man pages and several add-on packages, 
is less than 5OMB. The Node binary itself is less than 5MB 


# installing in the default 
S ./contigure 


# installing in your own local directory, 
# my preferred method 
S ./contigure --prefix=-/locat 


Then, compile and install: 


5 make 
S make install 


At this point, Node is installed and ready to run. if you installed 
Node in ~/local/, you need to add ~/lacal/bin to your path, which 
depends on your shell 


ANEW MINDSET 
The critical thing to remember about Node development is that 
everything important is asynchronous. Sure, you could do many 
things synchronously, but why would you? 

For example, a traditional Web programming model might 
look something like this: 


1) pseudo-code 
conn = connection.waitForRequest () ; 
if (conn I= null) ¢ 
request = conn.getRequest () 
response = conn.getResponse() 
data = database.getData(query) : 
response.write(someData) 


In asynchronous Node, you would do something more like this: 


server handleRequest (function(request response) { 
J/ we need some data from the database 
database. submitQuery (query function (data) { 
response. write(data): 
» 
De 


Notice how everything is in callbacks, an event-driven asyn- 
chronous model, 


SAMPLE PROGRAM ONE: HELLO WORLD 
Everything starts with hello world, This example demonstrates the 
basics of modules and asynchronous handling of requests. 

First, include the necessary http module’ 


var http = require(*http'): 


http is a standard module included with Node. If you wanted a 


56 | april 2011 www.linuxjournal.com 


module that was not in the standard path, you would preface it 
with ./, which is executed relative to the path in which the app is 
running, For example, require("./mymadule") ; 

Next, create the server, which is as simple as createServer(), 
as well as the callback function to handle each request: 


http.createServer( function(request. response) { 
1) handling code here 
» 


‘Next, put in the handling code. You know you want the 
response to be hello world and the http status code to be 200, 
Which is basic success: 


http.createServer( function(request, response) { 
1 set your status code to 208 and content to plain text 
11 since “hello, world!" is as plain as it gets 
response. WwriteHead(209,("Content-Type": “text/plai 
1) write out our content 
response. write("Hello, world! \n") 
17 indicate that we are done 
response.end() = 


aa 


» 


The above is a callback function. it will be called each and 
every time a new connection request comes in. 

Finally, you need to tell the server to listen and on which port. 
For now, let’s put it on 8080 (just to annoy Tomcat): 


http.createServer( callbackFunction ).1isten(8886) 
Pulling it all together, you get a very simple program: 


var http = require(*http') 
http.createServer( function(request, response) { 
// set your status code to 209 and content to plain text 
1/ since “hello, world!" is as plain as it gets 
response, writeHead (200, "Content-Type": “text/plain")): 
// write out aur content 
response.write("Hello, world! \n") 
17 indicate that we are done 
response.end() : 
})-Listen(#989) ; 


Six lines of code, and a functioning Web server that says 
“Hello, world!" Save the file as apps, and then run it 


# cd to your development directory 
S cd warkinggir 
$ node ./app.is 


Connect your browser to httpy/localhost:8080, or use curl or 
wet, and you will see “Hello, world!” 


SAMPLE PROGRAM TWO: SIMPLE FILE SERVER 
For the next example, let’ serve up files from the local filesystem. if the 
files available in the document root, let’ return it with 2 200 response; 
if itis not, let's return a 404 status code and an error message. 
Like last time, you need the http module. Unlike last time, you 
also need the modules to read from the filesystem, and an ability 


to process URLs: 


var http = require('http'), fs = require('fs') 
sepath = require(‘path'), url = require(‘url') 


Create the server and its handler, and listen on port 8080 
(ust to annoy Tomcat) in the same way as last time: 


http.createServer( function(request 
1) handling code 
}) listen (sage) 


response) { 


The difference is in the handling code. Now, when you get a 
request, you want to see whether it exists in the filesystem, and if 
so, return it: 


http-createServer( function(request. response) ( 
J/__dirname is a special variable set by node 
var file = __dirnamespath 
J/ check if the requested path exists 
pathexists (file, function(exists) 
if (exists) { 
} else { 
yD: 
» 
}) -listen(s0a0) 


You use the path module to check whether the file is available, but 
you do it asynchronously. Normally file access is very slow, and every- 
thing in the thread or process will block. With Node’s event-driven 
‘model, nothing blocks; rather, the system continues to move and calls 
the functian(exists) callback when it has an answer if the fie exists. 

If the file does exist, you need to read it using the “file” 
module and send it back. if it doesn’t, you send back a 404 
error. First, let's look at the simple file-not-found case: 


if (exists) ( 
1) do sone handling 

} else ¢ 
response.writeHead (404, ("Content-Type” 
response.write("484 Not Found\n") 
response.end() 


“text/plain’)) 


Now, let's look at reading the file and sending it back when it 
does exist. Once again, read the file asynchronously: 


if (exists) 
11 ead the fe asynchronously 
fs readFile(file, "binary". function(err.file) ¢ 
if (ere) { 
1/ We got sone kind of error, report it 
response. writeHead(568, {"Content-Type":"text/plain"}) 
response.write(err+"\n") 
response. end() 
) else { 
response writeHead(200, ("Content-Type":"text/html")) 
response.write(file,"binary") 
response.end() 


‘ying It all together and cleaning it up a bit, you get a nice tidy, 
asynchronous, event-driven Web file server 


var http = require(‘http!), fs = require('ts') 
‘spath = require(’ path"), uel = require(url') 
hetp.createServer( function(request, respanse) { 
var file = __dirnameturt parse( url") .pathnane 
1/ check if the requested path exists 
path.etists(file, function(exists) ( 
if (exists) ( 
fs.readFile(tile, "binary". function(err. file) { 
if err) { 
response.writeHead(58@, (*Content-Type"="text/plain"}) 
esponse.write(erc+"\n"), 
response.end() 
) else ( 
esponse.writeHead(208, ("Content-Type":"text/html"}) 
response.write(fite, binary") 
response. end) 


» 
) else { 
response. writellead(464, ("Content-Type' 
response.write(*484 Wot Found\n") 
response.end() 


“text/plain")) 


» 
4) Listen (8088) 


A static Web file server, which will outperform most such 
servers on the market, in just 23 lines of code—it's a work of Art 


‘SUMMARY 

Node.JS is an incredibly powerful, simple and elegant engine to 
run event-driven server-side JavaScript, and it has been a catalyst 
for an enormous amount of fermentation in the server-side world 
during the past year and a half. 


‘hi Decher is an operations and technology consultant based in New York ad sal wha as ben 
vlan technology sine the days ofthe 30 and Appl I. He has aBSin Electra Engineering from 
‘oui Univer and an MBA rm Duke Universi. He canbe reached at avalon com, 


Resources 


Node.JS: nodejs.org 
Node.JS Git Repo: github.com/ry/node 


CommonJS: www.commonjs.org 


Cygwin: www.cyg\ 
Nginx: nginx.org 
Douglas Grockford: www.crockford.com 


Language Popularity: 
www.webdirections.org/the-state-of-the-web-2008 
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Zotonic: 


THE ERLANG CONTENT 
MANAGEMENT SYSTEM 


Michael Connors 


escribed by its authors as a 

pragmatic and modern CMS, 

Zotonic is that and much 

more, When I started using 
Zotonic, it was because of its efficiency 
and the fact that | could pack several 
client CMS sites onto a machine with 
only humble resources. | soon discov- 
ered, however, that Zotonic is not only a 
CMS, but also a Web framework, which 
allows me to create very complicated 
Web sites in a fraction of the time it 
would have taken me using more 
traditional languages and frameworks. 
Zotonic won't fall over if it encounters 
an error, and it does not need to be 
poked with a stick and awakened every 
time a request comes in. 

Zotonic is written in Erlang, a func- 
tional language that was designed for 
programming telephone switches. The 
logic behind using Erlang for Web devel- 
opment is that modern Web sites, with 
their plethora of connections from users 
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and robots, are starting to look more 
and more like telephone exchanges. “I 
have never programmed in a functional 
language, and Erlang looks like Dutch 
to me!”, | hear you say. Well, the 
authors of Zotonic are fluent in Erlang 
{and Dutch, incidentally), and they have 
done a good job of creating a piece of 
software that is useful out of the box, 
regardless of whether you know Erlang, 
and Zotonic could be just the killer app 
you need to dive in and learn Erlang. 
Another attractive feature of 
Zotonic is its PostgreSQL database (see 
sidebar). As someone who has toyed 
with learning Erlang for a while, proba- 
bly one of the big barriers was that on 
top of learning a completely new pro- 
gramming paradigm, | also would have 
to learn a new database in the form of, 
mnesia. Zotonics use of PostgreSQL 
means one less new thing to learn and 
at least allows me to feel in familiar 
territory when | am designing my data. 


The only database offered by 
Zotonic at the moment is 
PostgreSQL; however, there are 
plans to create “Elastic Zotonic”, 
which will use a distributed 
store. Although Zotonic does use 
a relational database, in most 
cases, what you are inserting 
into the database will be a 
Zotonic resource with a key 

(ID) and a document (Props). 
Relationships between resources 
are defined using predicates, 
such as has relation and 
has_part. For a lot of Web devel- 
‘opment, this is all you need; 
however, if you do need it, the 
power of the relational database 
is available to you. 


Dependencies 
Jam running the latest version of Ubuntu, which has Erlang 
preinstalled. You can test whether you have Erlang by typing 
erl at the command line. If you get the Erlang shell, you are 
good to go. Press Ctrl-c, followed by the letter a and carriage 
return to exit Erlang. If you don’t have Erlang on your system, 
you can download it from the Erlang Web site or install it with 
your distribution’s package manager. 

Another dependency is ImageMagick; to check whether it’s 
installed, run: 
convert -version 

You, of course, need to have PostgreSQl installed, and you 
need Mercurial installed to fetch the latest version of Zotonic 
from the Google code site 


Installing and Configuring Zotonic 


Fetch the Zotonic source and build it: 


hg clone https://zotonic.googlecode.com/hg/ zotonic 
cd zotonic 
make 


Now, create a database for Zotonic: 


CREATE USER zotonic WITH PASSWORD ' yourdbpassward’ 
CREATE DATABASE zotonic 

WITH OWNER = zotonic ENCODING = 'UTFA" 
GRANT ALL ON DATABASE zotonic TO zotonic; 


\e zotanic 
CREATE LANGUAGE "plpgsql” 
The Default Site 


Zotonic comes complete with an example site, which implements 
a simple blog. You can find the code for this default site in 
privisites/default/, and you can get this default site running by 
creating a config file and starting Zotonic 

Find the sample config file in privisites/default/config.in, and 
rename it or create a copy with no extension’ 


cp priv/sites/default/contig.in priv/sites/default/contig 


(pen config in your favourite text editor, and modify it to use 
the database you just created! 


% Hostname for virtual host support 
(hostname, "127.0.0.1:8980") 
(hostalias, "localhost :8800"} 

% PostgreSQL database connection 
(abhost, "127.0.0.1") 
{dbport, 5432) 
(abuser, "zotonic"} 
{dbpassword, *yourdbpassword") 
(dbdatabase, “zotonic"), 


Now, start Zotonic in debug mode using starts: 


Jstart.sh 


ZOTONIC’S USE OF POSTGRESQL 
MEANS ONE LESS NEW THING 
TO LEARN AND AT LEAST 
ALLOWS ME TO FEEL IN 
FAMILIAR TERRITORY WHEN 

| AM DESIGNING MY DATA. 


‘You should see text fly by on the console that suggests some 
tables are being created. Point your browser at 127.0.0.1:8000, 
and you should see your new blog 


Using Zotonic for Content Management 

Zotonic is first and foremost a content management system—that 
is what it says on the tin, Now that you have a running version of 
Zotonic, you can try out the content management features. 

Point your browser at http://127.0.0.1:8000/admin, You will 
see a login screen, and as this is your first login, you need to set 
the password. 

Use the login name "admin", leave the password field empty, 
and click Log On. You will see the create password form. 

‘Once you have set your password, you are presented with 
the Zotonic admin dashboard. Down on the left-hand side is the 
admin menu. Much of it is straightforward, but one of the more 
interesting items here is modules. 


Figure 1. Zotonic Dashboard and Broadcast Dialog 


In the Modules menu item, there's a list of available 
modules, some of them activated, others not. Activate the 
comments module to see the comments form appear at 

the bottom of your blog posts. 

You can create a new blog post by creating a new page of 
category “article” 

In the list of pages, find the home page. You also can find it 
by searching for “home” using the search box on the top right 
of the admin page. 

Open this page for editing, and scroll down it until you see 
advanced options. Expand the advanced options section, and 
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notice that the home page has a unique name of page_hame set. 
This is useful for referring to this page later in your code. 


Customizing the Front End 
Zotonic uses a modified version of Erlydt! for templating. Eriydtl 
is an Erlang implementation of the Django templating language 

Look in the templates folder of the default Zotonic site 
(privisites/default/templates). Here you will find a collection of 
‘pl files, which are templates that define the site. Templates 
that start with an underscore are not intended to be rendered 
alone, but rather can be included in another template 

Most of the templates in this directory inherit from base.tpl, 
Which includes the site's header, menu and footer. This site uses 
article.tpl for displaying pages of the category “article” and 
uses home.tpl to display the home page 

Dispatch rules map URIs to resources. Look in the file 
privisites/default/dispatch/dispatch, The following two dispatch 
rules are defined: 


« 
home, (1 
resource_page. 
[ (template. "home, tpt"), (id. page_home} 1 
i 
« 


article, ["article", id, tug] 
resource page 
[ (template, "article. tpi"), (cat. article) | 


‘The first rule states that you render the page with the 
unique name of page_home using the template home-tpl 

‘The second rule says that you want to render all pages of 
category article to article.tpl. You also define the structure 
of the URL in this rule. Each article will have an address of this 
form: /article/id/page-name 

In both of these examples, you Use resource_page to da 
‘the actual rendering. This renders a resource as an HTML page 
and gives you access to the ID and category of the page from 
the template 

Other text pages you create will be rendered to page.tp! 
by default 

‘An about page, with the unique name page_about already 
exists in the default Zotonic site; itis currently rendered to 
page.tpl. Let's try making our own template to display the 
about page 

Create a template in the templates directory called 
about tpl, and put the following code in it: 


(% extends "base.tpl" %) 
(% block title %) 
({ mesclid] title 3) 
(% endblock %) 
(% block content %) 
<hb>({ mrsclig] title )} 


s+ {(mrsclid] .summary })</ni> 


<h2>Hello, this is my about page!</h2> 
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(( m.rsclid] .body|show_media }) 
(% endblock %) 
‘Add the following to your dispatch rules 
{about [about], 
resource page. 
t 


{template, “about. tpl") 
(id. page_about) 


Stop Zotonic, and run make. 

Start Zotonic again. Now, if you go to http://127.0.0.1:8000/about 
in your browser, you will see the text from the default about 
page rendered using the new template you created. 

Having access to the ID of the about resource from the 
template, you can make calls to the database to retrieve other 
information to display. As you can see from the template 
above, | used the title (m.rsc[id].title), the summary 
(m.tscfid] summary) and the body (m.rscfid].body). | also used 
a “filter” called show_media to convert image markers in the 
body text into actual image tags for display. 


Summary of Some Other Front-End Tools 
You already have seen the show_media filter above, and 
many other filters exist to transform data for output. Other 
than filters, front-end develapment in Zotonic is aided by 
tags and scomps. 

In the example above, | used the block tag to replace the 
content area in the template that I’m extending, Other tags 
that | use often are if, for and lib: 


(if id = 1%) 
<p>The ID is 1</p> 
( endif %) 


(% for color in ["bleu", "blanc", *rouge"} %) 
<p>{{ colar }}</p> 
( endfor %) 


‘The lib tag can be used to import an aggregate of stylesheets 
or scripts to reduce the number of requests to the server: 


(sib 
“css/zp-menu.css" 
“ess/zp-project.css” 


” 


‘Scomps, or screen components, are used when tags are 
not powerful enough and more logic is needed. The scomps 
that I use most frequently are menu and validate 

Menu is used to insert the standard Zotonic menu into 
your site 


(% menu id=id 8} 


Validate is used to validate a form field at both the front end 
and the back end: 


<input 
type="password” 
id="password” 
name="password” value="" /> 
<input 
type="password! 


password?" 
password2" valu 
{h validate id="password” 

type=(confirmation match="password2") %} 


b 


Extending the Back End 
If you are willing to write some Erlang code, Zotonic can 
become much more than just 2 content management system. 
You can extend Zotonic with modules. The madules can be 
stored in the modules subdirectory of your site. 

To make a module, create a modules directory within your 
site if it does not already exist: 


ndkir priv/sites/default/modules 


Let's create a simple module that implements a Web site 
guestbook. Users will be able to see the existing guestbook 
posts and add a new post. 

Create a directory called mod_guestbook within the 
modules directory: 


mkdir priv/sites/default/modules/mod_guesthook 


Using your favorite text editor, create a file in this directory 
called mod_guestbook er, and in this file, put the following code: 


WS Gauthor Hichael Connors 
WH Qdoc A guestbook module 
-modute(mod_guestbook) 

-author("Michael Connors <michael#oring42.net>") 
-mod_title("Guestbook") 

-mod_description("A simple guestbook module.") 
-mod_prio (saa) 


We interface functions 
sexport([ 
init/t, 
datanodel/0 
D 


vinclude_1ib("zotonic.hri") 


we 


joc Initiates the server 


init (Context) -» 
Wi Manage our data model 
2_datamade1 :manage (7HODULE, 
datamodel() 
Context) 


datamadel() -> 
U categories, 


U 


YOU CAN EXTEND ZOTONIC 
WITH MODULES. 


(ep. 
text 
[(title, <<"Guestbook Post">9)1) 
1 
) 
1 


Stop Zotonic and run make again. This will build your new 
module. Now, restart Zotonic, and log in to the admin. Go 

to the modules page, and observe that there now is a new 
module called Guestbook. 

You can see here the values defined in the code for author, 
mod_title, mod_description and mod_prio. The Prio value 
indicates the importance of the module—the highest being 
1 and the default being 500. Modules with a higher priority 
are checked first for templates and scomps. 

A percentage symbol in Erlang indicates a comment, so 
any of the lines in this code preceded by percentage symbols 
are ignored by the compiler. The first two lines, although 
comments, also contain special notation, which is used to 
document the program. 

Here, | exported init/1. This is because it must be called 
by external modules; init has an arity of 1, meaning it takes 
1 argument: 


sexport([ 
init/1 
oD 


if | had a function that took two arguments, | would export 
it lke this: 


sexport([ 
itsname/2 
» 


You do not need to export datamadel, because it is used 
only by the init function in this module 

Init will be called whenever your module is loaded, and the 
first time it is called, it will create a new category in Zotonic 
called questbook_post. This will be a subcategory of “text” 
and will have the display name Guestbook Post. 

For each guestbook post, you should have a title and 
summary—Iuckily, all pages in Zotonic already have a title and 
summary, so without doing anything else, you can add posts 
to your guestbook by creating pages of the category 
Guestbook Post. Create a few Guestbook Posts now, ensuring 
that you fill in the titles and summaries. Also, don't forget to 
tick Published; otherwise, they won't be visible to users who 
are not logged in. You can use these to test your questbook’s 
display, which | discuss next. 
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FEATURE Zotonic: the Erlang Content Management System 


Templates 


Create a new subdirectory in mod_guestbook called templates: 
mkdir priv/sites/default/mod_guestbook/ templates 


Using your favorite text editor, create the following file 
named guestbook.tpl: 


(% extends "base.tpl" %) 


(% block content %) 


<hi>Guestbook</h1> 
<ul 1d="guestbook-posts” class="guestbook-posts"> 
(% with 
m.searcht 
{query ca! publication start’) 


J as posts %} 
(% for post in posts %) 
(% include "_guestbook_post.tpl" %) 

(% endfor %) 

(% endwith %) 

<u> 

(% include "_guestbook_form.tpl” %) 

(% endblock %) 


This template fetches the pages of category guestbook_post 
in order of publication date; it extends the base template of the 
site in which it is used and overrides the “content block” of 
that base template 

| also am including two other templates, _guestbook_post.tpl 
and _guestbook_form.tpl. Ill create these templates later. 

Next, you need a dispatch rule. Create a new subdirectory 
of mod_guestbook named dispatch 


mkdir priv/sites/default/mod_guesthook/dispatch 


Using a text editor, create a file called dispatch (with no extension) 
in the dispatch folder. It should contain the following dispatch rule: 


l 
(guestbook, ["guestbook") 
resource template, 


(template, "guestbook. tp1")1} 


‘The first parameter above is the name of the rule. This is 
followed by a list containing the URI scheme; in this case, it's 
simply /questbook. Let's use a premade Zotonic resource called 
resource_template to do the rendering, and the template that 
you actually will be rendering is called guestbook. tpl 

Save everything, run make and then restart Zotonic. When 
you navigate to 127.0.0.1:8000/questbook, you will see a 
page that simply contains the heading Guestbook. 

In the template above, | included another template called 
_guesthook_post.tpl, which | did not create yet. This template 
will contain the details of each guestbook post and be rendered 
once for every guestbook post. Let's create it now in the templates 
subdirectory of mad_questbook’ 


<1 class="guestbook-post"> 
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<pr({ post. title }}-({post. sunmary) }</p> 
“ne 


Run make and reload Zotonic. You naw should see the 
guestbook posts you created earlier in the admin. 

The next step is to allow users to sign the guestbook by 
creating the _guestbook_form.tpl template: 


(% wire id="guestbook-form” 
type="submit” 
postback=(np) 
delegate="nod_guestbook" %) 

<form id="guestbaok-forn” 


method="post* action="postback"> 


<div> 
<div class="form-iten"> 
<label for="title">Titles/Label> 
<input type="text" name="title" id="title" /> 
(% validate id="title” type={presence} %) 
</siv> 
<div class="form-iten"> 


<Label for="summary">Summary</Label> 
<input type="text” name="summary" id="sunmary" /> 
(% validate id="sunmary" type={presence) %} 
</div> 
<div class="form-item button-wrapper"> 
button type="submit">(_ Post _)</button> 
</aive 
</siv> 
</orm 


You use the “wire” scomp to specify that the form with the 
id="guestbook-form" will be handled by the event function 
of mod_guestbook. You also use the “validate” scomp to 
check for the presence of the required fields. If you wanted the 
summary field to be optional, you could leave out the validate 
scomp for the summary field. Here, you just use the presence 
validator, but there are others, such as numericality, length, 
confirmation (for making sure two fields match) and the very 
Useful format validator, which takes a regular expression. 

Now, you need to implement the event function of 
mod_guestbook to handle this post: 


WE doc Handle the submit event of guestbook 
event ((submit, (np, _}, TriggerId, TargetId) 
T = z context:get_q_validated("title”, C), 


o> 


5 = z_context:get_q_validated("sunmary". C), 
catté = 
m_category:nane_to_id_check(gp. C) 
AC = zacl:sudo(C), 
Props = [ 

{category_id, Catia} 

{title. 1). 

(summary, 5), 

{is_published, true}]. 
{ok, RscID} = mrsc:insert (Props, AC) 
Post = mrsciget (RscId, C) 
TemplateProps = [ 

{post, Post) 
ie 


Html = z_template: render ("_guestbook_post.tpl 
TemplateProps, AC) 
Z_render: insert_top("guestbook- posts 
Html. AC) 


Don't forget to export event/2. Now you are writing Erlang 
code and making use of some support functions that come 
with Zotonic. 

If you are new to Erlang, the first thing to note is that 
once a variable has been bound to a value, it cannot be 
changed. This may seem strange, but the idea is to avoid side 
effects, so that you can write distributed applications. A nice 
side effect (| know) is that it makes Erlang easier to debug 

In Erlang, you use lists and tuples for storing aggregates of 
data. A list is enclosed in square brackets and a tuple in curly 
brackets. Variables in Erlang start with a capital letter (Props), and 
you also use atoms, which are lowercase. Atoms do not have any 
value associated with themselves; in essence, they are the value 

Functions that relate to access control are found in 2_acl, 
and in this case, you use 2_acl: sudo to gain superuser rights. 
z_context:get_q_validated allows you to get the contents 
of a validated field from the post; x_template:render 
returns a rendered template, and z_render: insert_top 
inserts some text at the top of an HTML element with a given 
ID. More support functions can be found in src/support. 


IF YOU ARE NEW TO ERLANG, 
THE FIRST THING TO NOTE IS 
THAT ONCE A VARIABLE HAS 
BEEN BOUND TO A VALUE, IT 
CANNOT BE CHANGED. 


The cade for accessing the database is found in stc/models 
Here, | accessed the database to check the ID of a category 
(m_category:name_to_id_check) and also to insert anew 
resource (m_rsc:insert). 

The guestbook is not completely finished. You still need to 
add the name of the person that signed it, This is easy, however, 
and you don't need to go near the database to do it. Simply add 
a new field to your form template, modify your event function 
to handle that field, and your guestbook will be complete. 


Michael Conor is a relance sofware developer from Ireland, but he curren lives in 
Normandy, France. These day, he musty develops software in ang, 
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Find Yourself with the 
Google Maps API 


Making maps the Internet way. MIKE DIEHL 


I don’t think a day goes by that | don't use Google to find 
something, and lately, I've seen an increasing number of businesses 
that post Google maps to their locations on their Web sites. 
Sometimes, these companies even go so far as to put litle push- 
pins on the map indicating each of their locations, which 


Listing 1. HTML for Google Map 


<html> 
‘head 
<title>ty Google Mapé/title> 


<style> 
nap ( 

position: relative; 

left: Spx; 

top: Spx: 

10 width: 764px; 

11 height: 520px; 

Ry} 

13 </style> 

u 

15 <script src="http://maps. google.com! 

‘naps? ile=apidv=38key=thisisasecretésensor=false” 
16 type="text/javascript"> 

17 </script> 


19 <script type="text/javascript” src="/main.js"></script> 
21 </neag> 

23 <body onload="initialize('map');" onumload="GUntoad() "> 
25 <div id-map> 

26 Map goes here. 

27 </div> 

29 <p> 

31 SM Corner: <span id=debug_sk> </span><br> 

32. NE Corner: <span id-debug_ne> </span><br> 


33 Zoom: <span id=debug_zoom> </span><or> 


35 </body> 
36 </html> 


64 


april 2011 www.linuxjournal.cam 


makes things very convenient for navigationally challenged 
people like myself. 

| guess it would be possible to take a screenshot of a Google 
map and post it on a company Web site. | also guess you could 
‘open that image up in the GIMP and manually add a bunch of 
pushpins. Additionally, | guess you could use an image map to 
make the pushpins clickable and interactive. Yes, you could do 
things this way, and in a pinch, it might make sense, but it 
sure wouldn’t be as much fun as using the Google Maps AP! 
and doing it right. 

With the Google Maps API, you can create a map centered at 
a particular location. You can place colored push pins anywhere 
‘on the map, and you can draw geometric shapes on the map. 
Perhaps you even want to draw borders around delivery regions 
or school districts. The Google Maps API s incredibly powerful, 
and I've scratched the only surface myself. 

However, before you can get started, you need to get an API 
key by registering with Google. This registration is free, and you 
receive your key instantly. You do, however, have to agree to some 
Usage restrictions. Most of the restrictions seem reasonable. The 
only surprise is the Web site that uses the Google Maps API 
must be publicly accessible; it can't be on an intranet nor can it 
be password-protected. If you need to create an application that 
will not be publicly accessible, you can make other arrangements 
with Google. To sign up for a key, point a browser at 
code.google.com/apis/maps/signup.html. You will be asked 
for your Web site's domain name, and you'll need a separate 
key for each domain. 

Once you've got an API key, you're ready to start coding. 
First, you need to create a simple Web page to display your 
map (Listing 1) 

Lines 1-14 are simple boilerplate HTML. Note that | include 
some in-line styling for a div container called “map”. Here I'm 
mostly just interested in setting the size of the resulting rectangle 

Lines 15-17 are where you load the Google Maps API. The 
section of the URI that looks like "v=3" indicates that I'm using 
version 3 of the API. This is also where you include the API key 
you obtained earlier. Finally, you see the "sensor=false” section 
of the URI. This indicates that I'm not using any type of location 
sensor, such as a GPS, to select the appropriate map. Accurately 
configuring this field is required by the Google Maps AP! EULA. 

The JavaScript program that | wrote to load and manipulate 
the map is loaded on line 19. On line 23, | arrange for an initial- 
ization function that | wrote to be called when the page finishes 
loading and another function, that Google provides, when | close 
the page. | discuss the initialize() function shortly, 

‘The rest of the HTML simply creates a container (mentioned 


earl id the map and a few rs to hold 
debugging information. You might not want to display this 
information in a production application, but it's instructional 
to see what type of information js available from the API and 
what meth rammer for keeping 
he user interacts with the map 

ated in JavaScript, so let’s take a 


cont 


s are available to 1! 
the display up to da 

The rest of the map 
ok at Listing 2 


longitude to point the map. 
The initializ f 
the work of creating the map. in lines S~10, | test to make sure 
that the user's Web client is able to display the map, and 
create the map object. Lines 12-18 configure the map. First, 
tion for the map to display. Then, | add the m 

type and map navigation controls. The map type control al 
the user to select be map or hybrid 


nctic 


ween a simple map, satelli 


map. The map navigation control allows the user to pan the m: 
around and to zoom in and out. Finally, | configure the map to 
play as the hybrid map by default 
The update_qui() function referred to on lines 14, 20 and 26, 
simy s the debugging information below the map and 
probably wouldn't be used in a production application. Line 20 is 


eresting because it demonstrates how to have your applicati 
react when the use 


scrolls or zooms the map to other locations. 


ordinate 
a bit more lat 

At this point, if you did nothing else, you'd have a map 
vat users could interact with. They'd be able to select the 
type of map, move it around and out, But, | 


go a bit furth 
The ajax_get() fu 22 and 24 isn't included 
n Listing 2, but it's relatively easy to write. This function simply 
sa URL and the name of a JavaScript function as parame- 
the function makes an AJAX call and f 
at the given URL. This data is assumed to be XI 
to the indicated function 
The parse_markers() function referenced on line 22 accepts an 
XML string that describes wi 
XML resembles Listing 3. As you can s 
asset has an 


markers on the map. Thi 


i's simply a list of assets 


|, aname, a description lat/long 


The pars: 


responding XML 4 
Here, you see two cor 


fine their boundaries. 


like that shown in Lis 
and a list of lat/long points that 
0, with what 
slightly different data, you get a map 
fault, the map c 


you have so far, and 


ne 


vat resembles Figure 1. By 
of Allbuquerqu 
n. The 


tion just outs 
New Mexica. You se¢ le thats filled in 
t! 


gle is semi-transt 


the markers in the i 
triangle. In Figure 1, I've clicked on the 
the information window, which | discuss a bit more later. 

Let's take a closer look at the parse_markers() function defined 
51 of Listing 2. This function is fairly straightforward 
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Listing 2. JavaScript for Google Map 453 function parse_zones (e) ( 
Sa var id 

1 var map 455 var containers = e.getElenentsByTagione ("container") 

2 var default_nap = "35.181804, 105 .40625.8" 56 

3 57 for (198; t<containers. length; i##) ( 

4 function initialize (el) ¢ 58 var bounds = new Array: 

5 if (I6BronserIsConpatible()) ( 8 

6 docunent.getElenentByT(el).imerifTM. = *Incampatible Browser* 68 var id = containers(i) getAttribute( id") 

7 return: {1 var nane = containers({] getAttribute(*nane") 

a) 82 var dese = containers(1] .getattribute(*description”) 

9 8 

18 map = new Gap2(docunent.getElenentBy14("nap")) ‘4 var points = containers] .getElenentsByTaglane(“point*); 

a 15 for (j=8: Jepoints. length: 144) ( 

12 var 1 = default_nap.split(?,"); 66 var p = new Object 

13 map, setCenter(new GLatLng(parseFloat(LI8]).. parseFloat(1{2))) o 

‘.parsetnt(1(2))) 468 p.long = points(j] getAttribute(*long"): 

14 update gui(): 69 plat = points[i] getAttribute("tat") 

5 78 

16 map. addControl (new GMapTypeontrol()) : 72 bounds. push(new GLatLng(p.Lat.p.long)); 

17 map, addConteol (new GSealIMapControl() : ny 

18 map sethapType(G_HYBRID_HAP); B 

8 74 var container = new GPolygon(bounds, "#110908", 

28 GEvent,addListener (nap. "ousemove", function () (update gui():)) 5. 5, taetteer, 2): 

n % 

22 ajax_get(/narkers. xml", “parse warkers'") 76 container id = id 

B 77 container nane= nane: 

24 ajax_get("/2ones.xnl", "parse zones") : 78 container dese = dese 

ry 79 

26 update gui(): 189 map, adver Lay (container): 

my 181 GEvent.adalistener container, "click", function () 

28 s(2one_click¢this):}): 

29 function parse_sarkers (e) { 2 

38 var 1, Ton, tat: B) 

31 var assets = ¢.getElenentsByTaglane( asset”) a) 

2 8 

3B for (150: icassets.tength; it) ( £86 function marker nouseaver (who) { 

34 lon = parseFloatassets{i) .getAttribute(*Long")) £87 nap. openlnfokindow(new GlatLng(who. lat ho, ong) who.nane) 

35 Lat = parseFloat assets(i)getAtteibute("Iat")): 8) 

36 8 

B37 var marker = new GHarker(oew GLatLng(1at, on): 98 function marker click(uto) ( 

38 {91 map. openlnfkindow(new GLatLng(who. lat ho, Long). who. dese) 

39 marker. id = assets({]getAttribute("ia"): 2) 

49 narker.nane = assets(t] getAttribute( nate") 3 

41 narker.desc = assets{t] getAttribute("aesc") ‘94 function zone cLick(who) ( 

a 95 map. openlnfdkindow(new GLatLng{xho. lat ho, ong). who. dese) 

43 narker tong = ton: 6) 

44 marker. tat = Tat: 7 

4% 98 function update-gut () ( 

46 map, adver Lay narker) 99 var sw = map. getBounds().getSouthest(); 

a 168 var ne = map. getBounds().getNorthEast) 

48 //GEvent.addListener marker, "mouseover", function () te 

“(aarker_souseover (this) 1); 182 docunent getEenent8yld("debug sw) inneriTAL= sy. toString(): 

49 GEvent.adalistener (marker, “click”, function () 183 docunent .getElement8yld( "debug ne") nner iT 

‘e(anarker_click(this):) 164 docunent get€enent8yld("debug_ 2000") .inneri 

say 185 ) 

a) 

2 
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Listing 3. XML Listing of Markers 


cassets> 


i="1" name="Home" desc="The home base” Lat= 
-195"></asset> 

2" name="&C Site” desc="The off-site site” 
" Long="-106"></asset> 


<Jassets> 


Listing 4 XML Listing of Zones 


<containers> 
container id="1" name="HQ” description="This is HeadQuarters"> 
point 1at="35.0° long="-105.0" /> 

<point 1at="35.0° long="-106.0" /> 

point 1at="36.9" Long="-106.8" /> 

point 1at="35.0° long="-105.0" /> 

</container> 

<container id="2" nane="OtfSite" 

description="This is the Offsite site> 

point 1at="37.0" long="-104.0" /> 

point 1at="37.0" Longe"-105.0" /> 

point 1at="38.0° long="-105.0" /> 

point 1at="37.0" long="-104.0" /> 

</container> 

</containers> 


and simply loops over a list of assets, For each asset, the function 
parses the lat/long coordinates of the marker and creates a marker 
object with them (lines 34-37). Notice on line 37 that | had to 

use the lat and long variables to create an object to pass to the 
marker constructor. Next, | set some additional attributes for each 


SW Commer (34.0071 250e4nsaRa, 10780871 38671878) 


Figure 1. Final Results 


as well as a fill color and opacity setting. | add the polygon to 
the map on line 80. | add an on-click event handler on line 
81, so that when users click on a given zone, the application 
can perhaps provide more information about the zone. 

The event handlers defined on lines 86-96 are almost identical 
and quite trivial, so let me make some passing comments about 
them all at once. They each call the map abject’s apeninfoWindow 
method to open the little message bubble and display a message 
In these cases, | simply display the name or description of the 
object the user clicks on. In a real-world application, you might 
Use the id attribute to make an AIAX callback to 2 server-side 
database and do some really coal things. 

Finally, the update_gui() function on lines 98-105 is responsible 
for updating some of the display information at the bottom of 
‘the map. To do this, the function uses same of the map object's 
methods to get the coordinates of the southwest and northeast 
corners of the map. Then, those coordinates are converted to 


In a real-world application, you might use the id attribute to make an AJAX 
callback to a server-side database and do some really cool things. 


marker for later use. Then, on line 46, | added the marker to the 
map. Lines 48 and 49 are interesting—they allow users to click on 
(or mouse over) a marker and display additional information. I've 
commented one of the lines out because it doesn’t seem to work 
well to have a mouse-over and mouse-click event at the same 
time. | probably need some additional logic, but you get the idea 
The parse_zones() function is only slightly more complex, 
because it has to build a GPolygon object from the points 
listed for each container. Lines 53-62 are similar to the first 
part of the parse_marker() function. The main difference is 
in lines 64-72 where | loop over each point that delineates 
the zone, create a Glatlng object for each point and push 
the object onto the bounds array, Then, on line 74, | create 
a GPolygon abject with this array of points. The GPolygon 
constructor also allows you to specify a border color and size, 


strings and placed inside the appropriate container on the Web 
page. The map’s zoom factor is handled very similarly. 

‘As you can see, using the Google Maps API is pretty easy. The 
‘AP! is fairly intuitive and exhaustively documented at Google, As 
| mentioned in the beginning of this article, its pretty easy to plot 
businesses’ office locations or the locations of their customers, 
But, this is the Web, and it should be fun. How about a geography 
quiz game with real maps? Or a Risk-like game, or any number of 
military simulations set on a virtual Earth? | recall playing a racing 
game that allowed you to drive a car around 2 Google Map. The 
Google Maps API s simple and powerful, and lots of interesting 
things are waiting to be done with it 


Mike Dieblis a contac programmer and consultant in Albuquerque, New Mec. Mike ves with 
‘is wif and thee small boys and can be reached via e-mail at méieN@dielnetcom. 
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Rich Internet Apps That Just 
Work—Writing for the User 


AJAX is power. It makes Internet applications look, feel and perform in the eyes 
of the user like desktop apps, all while run from the server and written in the 
platform-agnostic languages of HTML and JavaScript. But, it carries a heavy 


price: breaking the browser. Avi DEITCHER 


“The customer is always right." This time-worn adage—attributed 
to either Harry Selfridge, founder of the famous British Selfridges 
department store, or Marshall Field, of the Chicago department 
store that bears his name—has been discussed and dissected to no 
end, Undoubtedly, every one of us can come up with plenty of cases 
When customers aren't right, and it des not make sense to treat them 
that way. What is true, however, is that if you want to sell (or develop) 
something that's useful to customers, you must build it for the way 
they actually work, not the way you want them to work. 

In the Web’s early days, we were all entranced by the ability to 
access any application anywhere, without installing anything more 
than a browser. Developers loved the idea of writing in a single 
Universal language. Even better, HTML is declarative—no interesting 
components and callbacks, no perplatform or per-OS-version oddities 
(more or less). Users loved the simple book paradigm. You could go 
back and forward (which, unsurprisingly, were the names of the 
buttons), and even click reload. The semantics were simple; writing 
for the platform was easy, and deployment, compared to managing 
each desktop, felt like the new Enlightenment. 

The downsides, of course, were obvious, but a fair price to pay. 
tf each page was statically generated with just HTML, every change, 
however small—say a change in text or adding a wamning—required 
a complete page reload. Besides the headache for the user, it was 
unnatural and slow. Some pundits in the 1990s suggested that 
the Web would never be a dominant platform for this very reason 
Dynamic HTML based on JavaScript, which allowed DOM manipu- 
lation, gave us some leeway, but anything that came from the 
server—real data—required a reload. 


Enter AJAX 
In the early to mid-2000s, developers began to explore how 
to communicate with the server without requiring page reload. 
Microsoft introduced the XMLHTTP ActiveX control in 1999, later 
adopted by every other browser. In 2005, Jesse Garrett, cofounder 
of Adaptive Path, coined the term Asynchronous JavaScript with 
XMIL, or AJAX. Although Jesse didn’t invent it, he certainly popu- 
larized it, which once again underscores the importance of mar- 
keting that we engineers tend to overlook. As an interesting aside, 
one of the earliest known usages of AJAX occurred in...1596, by 
Sir John Harington, to describe his new invention: the flush toilet. 
AJAX was wonderful. We could get what we wanted from the 
server without reloading the entire Web page. We could process it 
in the background. We could get as little or as much as we wanted. 
It seemed Web apps, now called Rich Internet Apps, finally were 
fully competitive with desktop apps in terms of ease of deployment 
and performance. it enabled such ubiquitous apps as Google 
‘Maps, which would have been impossible without AJAX. 
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The User Is the Problem? 
‘The big problem with AJAX apps is that they broke Web semantics. 
The Refresh, Back and Forward buttons work entirely on the address 
in the URL bar of the browser. In the days of static pages, that mostly 
indicated where you were: http//example.corn/store? product=12345 
was definitely diferent from http/example.com/store?product=89999. 
In the modern RIA AJAX world, however, the URL was 
http://example.comvstore. With the product rendered using AJAX, 
the URL unchanged, reloading was highly unlikely to bring you 
back to where you were. 


First Attempts 
The first responses were to add complex state to the server. JavatE, 
PHP frameworks and others all added session variables in which you 
could store oodles of information about what the user's last request 
was, and so you could roughly attempt to reconstruct it for the next 
request. The entire JavaServer Faces (JSF) framework is built around 
such complex state semantics. These did the job, more or less, but they 
‘were very complex and required lots of effort with which to work 

‘The next attempts essentially said, "we don’t support browser 
buttons!" Put in other terms, “we and the technology are right, 
and the user is wrong.” As anyone who ever has been in business 
knows, this strategy is doomed to failure. it may work, for a little 
while, if your customer has no alternative, but customers who are 
told they are wrong and “just don’t get it” quickly will look for 
alternatives. Silicon Valley is littered with the corpses of startups 
that whined, "our custamer just doesn't get it.” Of course, it 
was the startup (and the engineers) who just didn’t get it. 


Technology-User Harmony 
What we needed, then, was a way to use AJAX apps and modify 
the URL bar in a way that it would not reload the page, yet still 
give fairly complete indication of where we were. Thus, Back and 
Forward, not to mention Refresh, would work just fine. 

The magic is in one little character, the hash (#). In the HTML 
specification RFC 1866, you can give a name to an anchor, as follows: 


<a name="nyname" /> 


If you do so, a browser should be able to go to the named 
section on the page by appending # and the anchar name to the 
URL. For example, if you have an HTML page named mypage.html 


<htmi> 
<head> 
<1-- lots of stuff --> 
</head> 


<body> 
<diveLots of content</div> 
<a name="part2"/> 

<divEven more contente/div> 
</body> 

</html> 


To get to the above page, you would go to httpivexample.com/ 
mypage html. But, if you wanted to go to that page and directly 10 
part2, you would go to http:/fexample.com/mypage htmltpart2 

The most interesting partis that if the browser is already on 
mypage.html and you go to mypage.htmitpart2, the browser 
should, and will, go directly to part2 without reloading the Web 
page. Even further, if the browser cannot find an anchor named 
part2, it will fail silently and graciously. Last, but not least, 
JavaScript events can capture this change and process it. 

With the above, we have the making of a system that uses 
AJAX for Rich Internet Application dynamism, yet can change the 
URL to indicate where we are, and thus work With, rather than 
against, the user. As a matter of fact, if you use Gmail and look 
closely, you will see that this is exactly how it works, 

f course, remembering to manage the URLs can be difficult 
and changes the way you work. Wouldn't someone have developed 
a framework to manage all of this? 


Enter Sammy 

Sammy is an amazing Web framework developed by Aaron Quint. 
Not only does it provide the framework for managing the URLS, as 
well as lots of additional functionality to boot, but it also actually 
dramatically improves how it writes your client-side apps. You 
move from programmatically driven to declarative. You return to 
the ease of use of the early Web 1.0 days, when the URL defined 
exactly where you were, but without giving up the dynamism of 
AJAX. Once again, the URL becomes the declarer of lacation in 
your app, and you can leverage its full power. 


Getting Started 
Let's explore a basic Sammy app. For our purposes, let's use a con- 
tact application. To keep things simple, let's not do any data updating 
in this article, although Sammy's semantics fully support it. Let's 
stick with simple GETS. In the contact application, we have ten 
contacts, each with the ID of 1 thraugh 10 (complicated!), and 
each with properties of First Name, Last Name and Email. Our 
application view has a left pane, wherein contacts are listed, and a 
right pane, wherein contact details are shown. Remember, we want 
this to be a Rich Internet Application, all running in a single page 

Word of warning: the cade in this article may be incomplete. 
If you want to download and run it, get the sample app off the 
Web (see Resources) 

First, lets define our single HTML page contacts htm: 


<html> 
shead> 

<script type="text/ javascript" charset="utt. 
sesrc=" jquery min. js"></script> 

<script type="text/ javascript" charset: 
wesrc="sammy .min.js"</script> 
<script type="text/javascript” charset="utf-8' 
wesrc="contactapp. js"></script> 

<style type="text/css"> 


ut. 


#list (float: left: width: 48%:) 
details (float: left: width: 48%;) 

</style> 

</head> 

<body> 

<h2oContact Application</h2> 

spoClick on a contact to view the details</p> 

<div id="List"> 
<table></table> 

<isiv> 

<div id="details"> 

<table> 
ctrocta>First Name:</td><te id="FirstName"></td></tr> 
<troctd>Last Name:</td><td id="LastName"></td></tr> 
ctrocta>Email:</td>ctd id="email"></td></tr> 

</table> 

<iaiv> 

</body> 

<rhtm> 


Notice several elements 


1 Installation: we included jQuery, a prerequisite for Sammy (and 
a really great library to boot), 


1 Installation: we included Sammy, after jQuery. 


HTML: the page is really simple. There are two blank divs, one 
with the ID list, the other with the ID details. They are floated. 


Declaring Our Paths 

Next, we need to declare what all the states are in which the applica- 
ton can exist. These will determine what paths we want. In our con- 
tacts app, we really have only two states: 1) listing the contacts and 
2) viewing one particular contact (while the main list remains open). 

In keeping with RESTful style, let's declare our URLS as follows: 

1) Listing the contacts: contacts. html#/contacts. 

2) Viewing one particular contact: 
contacts. ntml#/contacts/:id (where :id is replaced by 
the ID of the viewed contact) 

In addition, we want a default path. What happens if the 
user just opens contacts.html? 

3) Default path: contacts. html, re-routed to 
contacts. html#/contacts. 

Notice something interesting. We are defining various 
declarative paths. When each of these paths is encountered, we 
want to take a certain action. Essentially, these are routes. Most 
Ruby-based frameworks (Sinatra, Rails, Merb/Rails3 and so on) 
use this exact language, as does Sammy. 

So, we have three routes and their actions: 


m contacts. html—-redirect to contacts html#/contacts. 
m contacts. html#/contacts—list contacts 


™ contacts.html#/contacts/: id-eshow details for 
contact :id. 


In our included JavaScript file contactapp,js, we declare 
each of the routes: 
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» 


" 


sF app = $.sanny (functien(){ 
11 for the verb GET with the path #/, go to #/contacts 
this. get("A/" function context) { 

this. redirect(*8/contacts") 
» 


// for the verb GET with the path #/contacts, render the contacts 
this. get("#/contacts*,function(context) ( 
17 get our contact List from the server 
S.get("/contacts".function(res,status) ( 
1/ render the results - should include 
11 status-checking for safety 


11 JQuery already parsed the responce to ISON for us 
var List = res, tr, td, table = $("#List table"), a 


1/ clear the existing List 
table enpty() 


1/ use jQuery to go through each result 
S.each(List.function(i ela) { 
tr = $("etroc/tr>").appendTo( table) 
td = $("etd></ td") appendto(tr) 
17 the key part: make it a URL 
a= S("eae/a>") attr (bret, "#/contacts/"*elm. td) text 
‘(elm lastNase +" " + elm. tirstlane) appendTo( td) 
» 
son") 


17 ide the details 
S(#detaiis table") nide() 
» 


11 for the verb GET with a specific path #/contacts/:%d, 
11 render that one contact 
this. get("#/contacts/: id", function(context) ( 
17 get our contact List from the server ~ access 
17 param ‘id as this.parans. id 
S.get("/contacts/"4this.paraas.1d,function(res,status) ( 
1/ render the results - should include 
11 status-checking for safety 
1/ SQuery already parsed the response to ISON for us 
var contact = res, table = $("#details table") 


1/ find the elesents in the table, and F111 them with the data 
S(/#FirstNave" table) text (contact. Firstiane) 

S("#LastNane*, table) text (contact. LastName) 

("email table) text (contact.enail) 


1) wake sure the table 1s shown 
table. show) 
)."Json") 
»” 


set up a default route for contacts. htm 
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S(functian( 
app.run("#/") 
» 


Notice several key elements: 


1. There are no event handlers here at all. Although we might 
need some for things like edit buttons or key presses, 
navigation in the app really happens using URL <a> links. 
This makes it really easy to manage the app and understand 
what every change does. Clicking on a contact in the list 
is clicking on a URL. We just happen to use that URL ta 
control our app. 


2. We could have used a handler just as well. Instead of using 
an <a link, we could have put on a handler with $("1ist 
td") click (function(e).{...)): 


3. This application is incredibly short and easy to understand. That 
is the beauty of Sammy. 


4, The browser URL changes, but the page does not reload, We 
remain in the Rich internet App world, yet browser semantics 
simply work: Back, Forward, Reload. Try it! 


The full sample, without minified JS, is available on-line 
(see Resources). 


Summary 
Sammy gives us the pawer to provide Rich Internet Applications 
simultaneously, work with the user's mindset rather than against 
it, and program our apps using routes declaratively, making it 
much simpler to build yet richer internet applications. 

‘The Sammy library is open source under the MIT license and 
available on-line (see Resources). 


‘i Dicher san peraions and technalogy consultant basen New York and lel wha ha ben 
vlad in technology since the days ofthe 80 and Al. He has a BSin Elecria Engnerng from 
‘Coumia University and an MBA rm Duke Univers. e canbe reached a ai@atomicin com, 


Resources 


Qveryjquerycom 

Fuby on Rais: rubyonrails.org 

‘Sata for Ruby: wwwwsinatrarb.com 

Sammy: code.quitkey.com/sammy 

‘Sample fom This Art: jsorm.com/dac/samples/contacts/contacts htm! 
RFC 1866: wwwrfc-editororg/rfe/rfe1B66:txt 


Douglas Crockord's JavaScript Site: wwwcrockford.com 


Quick User Interfaces with Qt 


The user interface is progressing quickly these days. It has been 15 years since cool 
3-D buttons and the like. as popularized by Windows 95 and other early windowing 

environments, emerged. Now, we see halo effects, shades, transparency and more—all 
hardware-accelerated, and all making our computers look better than ever. JOHAN THELIN 


A consequence of Nokia's acquisition of Trolltech, a lot of 
attention has been paid to Qt’s abilities in the mobile device space. 
This not only means speed optimizations and support for more 
platforms, such as Symbian (and Android, if you look at community 
efforts), but it also means that what the Nokians refer to as device 
ser interfaces receive quite a lot of attention. 

A device user interface is basically a look and feel that 
integrates well with the device on which itis used. It also provides 
what modern consumers expect: fluid transitions, graphical effects 
and a polished look. The consequence of this is a move from a 
widget-based user interface to a scene-based one 

Qt still supports widgets, and many, if not most, applications 
still use them, As a matter of fact, new user interfaces are run 
in a specific widet—QGraphicsView. QGraphicsView, in turn, shows 
a QGraphicsScene, which contains QGraphicsitem instances. All of 
this then is managed by Qt Quick 

The Qt Quick concept consists of two parts. The first is the 
QML language, used to build Qt Quick user interfaces. The other 
is the QtDeclarative module that provides the means to execute 
QML components and integrate them with C++ code. 

The reason for developing QML was that creating fluid user 
interfaces with C++ is becoming increasingly complex. By 
designing a language specifically for the task of doing that, the 
work effort needed is greatly reduced. This is done in a fashion 
so that Qt and C++ still can be used for their strong points, by 
implementing the user interface using QML and the business 
logic and parts requiring performance in C++. As a side effect, 
the always-wanted split of user interface code and the rest of 
the application is enforced, as the parts are implemented using 
different languages. 

To understand how Qt Quick can be used, let's look at three 
aspects. First, QML in general, then how QML is used to build 
dynamic user interfaces and finally, how QML and C++ fit together. 


Introduction to QML 

QML is a declarative language, based on JavaScript. ttis based on the 
concepts of components that are declared and properties that are 
bound. A simple example of this is an empty, rectangular scene: 


import Qt 4.7 


Rectangle { 
id: theRect 


width: 408 
height: widthe1.5 


In this snippet, the component Rectangle is instantiated. All 
words starting with an uppercase letter instantiate components. 
In the rectangle declaration, three properties are bound to values. 
‘The id property is special; it names items. in the future, the 
rectangle can be referenced as theRect. To access a property 
of the rectangle, such as its width, theRect.width can be used. 

Next, the width is bound to the value 400, and the height is 
bound to the width times 1.5. Notice that the height is bound to 
width*1.5 and not assigned to the result of the multiplication. This 
means if the width changes, the height is updated automatically. 

ttalso is worth noting the first line, which imports all components 
that are part of Qt version 4.7. This imports a set of components, 
such as the rectangle class, defined and implemented using C++. 
It is possible to import more C+4+-based components, components 
written in QML or entire modules of QML components. 

| won't go into details on QML components here. Basically, 
‘a component is the contents of a given qml source file. Having 
imported a file named Foo. qmi, its contents can be instantiated 
a Foo (.... }. A module is a directory containing components. 
Importing @ module simply means importing all components of 
a directory. A really cool feature is that a module can be loaded 
from a remote location over the Internet. 


States and Transitions 

One concept that is heavily integrated into QML is states and 
transitions between states. The Qt 4.6 release saw the introduc- 
tion of the C++ classes for supporting this. However, with QML, 
Using states and transitions is a natural thing. 

‘The source code shown in Listing 1 demonstrates a number of 
QML concepts. First is the example of how to declare a hierarchy of 
items. The scene rectangle contains the red and blue rectangles. The 
red rectangle, in turn, contains a text iter and a mouse area item. 

‘The text item in the red rectangle demonstrates another fea- 
ture: anchor layouts. Items can be anchored to each ather, either 
to their sides or their center lines. The anchors can be offset using 
margins, and different items can be used for anchoring different 
parts of the same item. Basically, all your layout needs should be 
covered by anchor layouts. In this specific example, the center of 
the text is anchored to the center of the parent rectangle 

Further down, another text item is declared. This time, it is 
centered in the blue rectangle. Notice that the text iter does not 
have to be a child of the item on which itis centered. This will 
have implications later on. 

Moving on in the red rectangle, we reach the mouse area 
This is another concept in QML—interactive areas are not mapped 
tightly to the visuals. A mouse area is used to interact with mouse 
events. Think of it as an invisible rectangle that can be anchored 
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Listing 1. States and Transitions 
‘import Qt 4.7 


Rectangle { 
width: 300; height: 150 
id: scene 


Rectangle { 
id: red 
x: 98; y: 50 
width: 50; height: 50 
color: "re 


Text ( 
anchors.centerIn: parent 
text: "Red" 


HouseArea { 
anchors.fi11: parent 
onclicked: ( 


if(scene.state == "redFocus") 
scene, state: 

else 
scene. state = “redFocus” 


Rectangle { 

id: blue 

x: 208; y: 58 

width: 50; height: 50 
color: "blue" 


NouseArea 
anchors. fi11: parent 
onClicked: ¢ 


to other items, just as a visual item, 

In the mouse area, the onClicked signal is bound to a piece of 
JavaScript. In this case, it alters the state property of the scene 
item. This brings us to the states and transitions. 

Items in QML have a list of states and a list of transitions. In 
the example, the states’ list contains two states: redFocus and 
blueFocus. Each state contains a number of PropertyChange 
items. These items modify properties of target items. In the case 
of redFocus, the scale of the red item and the rotation of the 
blue item are changed. Other items can be used in states—for 
instance, ParentChange moves items in the item hierarchy. 

Looking back on the JavaScript bound to the onClicked event, 


os Be oH 


Figure 1. States and Transitions 
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if (scene, state 
scene. state: 


lueFocus") 


else 


scene. state = “blueFocus": 


Text { 
anchors,centerIn: blue 
text: “Blu 


states: [ 
State ( 
name: "redFocus™ 
PropertyChanges { target: red: scale: 2.5 } 
PropertyChanges { target: blue; rotation: 30 } 


State { 
name: “blueFocus" 
PropertyChanges { target: red: rotation: 30 ) 
PropertyChanges { target: blue; scale: 2.5 ) 
} 


transitions: [ 
Transition { 
NumberAnimation { properties: “scale”; 
duration: 200; easing.type: Easing.QutBounce } 
NumberAnimation { properties: "rotation" 
duration: 758; easing.type: Easing. IndutCubic } 


the change of the state property moves between the states listed 
in the states property. When the state is set to an empty string, 
the default state is used. This means all properties are set to their 
initial, unaltered values. 

The final piece of the puzzle is the transitions property, 

which is a lst of behaviors for value changes of different properties. 
It is possible to control each individual property for each item 
for each transition direction. In the example, however, we 
control only each property for all items and all transitions. 
The NumberAnimation items control how long each change 
takes and how the change is made. The scale bounces while 
the rotation accelerates and decelerates according to a cubic 
curve, forming a smooth motion 

Looking at the screenshots in Figure 1, you can see the difference 
between the two texts. In the case of the red rectangle, the text is 
a child of the rectangle. This means the rotation and scaling of the 
rectangle is applied to the text too. In the case of the blue rectangle, 
the text simply stays centered. tt is not affected by the transformations 
applied to the rectangle, because it is now a child of it. 


Listing 2. List View 
‘import Qt 4.7 


Rectangle ( 
width: 208; height: 200 


Listilodel ( 
id: countries 


ListElement { 


name: "Denmark"; capital: "Copenhagen" 
) 
ListElement { 
name: "Sweden"; capital: "Stockholm" 
) 
d 
Component. { 


id: countryDelegate 


Item { 
width: ListView.width; heignt: 58 


MouseArea ( 
‘anchors.fil1: parent 


fonClicked: { ListView.currentIndex = index; } 


Rectangle ( 
x3 ys 3 
Width: parent.width-6 
height: parent.height-6 


color: 


ListView.currentIndex 


radius: 8 


Models and Views 

When building user interfaces, a common scenario is to show a 
list of data. As you already have quessed, QML provides support 
for this as well. Listing 2 shows how this can be used. 

The example in Listing 2 consists of four major parts: the countries 
model, the countryDelegate component, the highlightFrame 
component and the ListView item, which puts it all together. 
Starting from the bottom, the list view item refers to a model, 
a delegate and a highlight. These are the model and components 
implemented earlier. In addition to this, some tuning of the 
views behavior is needed to allow keyboard navigation in parallel 
with mouse navigation 

Returning to the top of the example, the model is a ListMadel 
containing a set of ListElement items. The properties of the list ele- 
ments are made available through the view, as you can see if you 
continue into the countryDelegate component and its text items 

The countryDelagate component is what the list view uses to 


column { 
anchors.fi11: parent 
anchors.margins: 5 
Text { 


font.told: true; font.pixelsize: 18 


color: "#444444"; text: name 
) 
Text { 
font.italic: true; font.pixelsize: 16 
color: "#666666"; text: capital 
Soa 
Component. { 


id: nighlightFrane 


Item ( 

width: ListView.width; height: 58; 
y: listView.currentIten.y 
Rectangle { 

ways 

width: parent.width-6 

height: parent.height-6 

radius: 8 


border.width: 4; border.color: “darkGray” 


ListView { 

id: Listview 

anchors.fi11: parent. 

model: countries 

delegate: countryDelegate 
highlight: hightigntFrane 

focus: true 
highlightFollowsCurrentItem: true 


visualize each item of 
the list. It consists of a 
mouse area and a rect- 
angle with two texts in 
it. The mouse area sets 
the current item of the 
list if an item is clicked, 
While the texts show 
the data of the model, 
Notice that the text 
property of the items is 
bound to the property 
names used in the list 
elements of the model 
This makes it easy to 
tie items in a delegate 
to model data 


KS Mmomefesionaniprlect...) ) 
File Recording QOebuaging settinos > 
Denmark 


Goperteven 


Figure 2. A List View with a Delegate and 
Highlight Rectangle 
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Let's continue to the highlightFrame component. This is a 
frame that the view places over the current item. In this case, it 
adds a border to the item. The countryDelegate changes its own 
background color if itis the current item. This is because the cur- 
rent item is shown without a background color instead of with 
one. That is not possible to achieve using only a highlight frame. 

Finally, the list view puts it all together. The result is shown 
in Figure 2 


The QML Runtime 
tis common to rely on the QML viewer tool when developing 
QML applications, It also is common to use QML for populating 
models with data, be it phony or real data. Most state manage- 
ment and work also can be carried out from QML with the aid of 
JavaScript. However, in most cases, a native application is needed 
as the runtime environment for any QML application. This is where 
the QtDeclarative module enters the picture 

For readers who are familiar with Qt, itis good to know that 
QML consists of a language engine, a context for the scripts to 
execute in and a QGraphicsScene to operate inside. All these 
components can be set up manually—it even is possible to add 
QML components to an existing scene. This way, you can upgrade 
an existing application gradually. 

If you start from scratch with a QML application, the 
QDeclarativeView encapsulates all these components into a single 


Limitations of Widgets 


‘There are a number of limitations imposed from building user 
interfaces with widgets that are addressed when switching 
to a graphics view-based approach. One obvious limitation 
is that widgets are rectangular and like to be arranged side 
by side, which makes it hard to arrange non-rectangular 
items in a good manner. 


Another limitation is that widgets clip their children, which 
means children cannot extend outside their parent widget. 
Take a simple effect, such as having parts of a user interface 
explode. In that case, clipping is a limiting factor. 


‘Another feature that widget-basad systems usually do not 
‘support is sub-pixel resolution for item dimensions and place- 
‘ment. Also, transformations, such as scaling and rotation, are 
not supported by widgets. In a scene, all these features can 
be used to achieve the best possible visual experience, 


Taking transformations over time, it becomes obvious that 
widgets are not meant to slide, bounce or generally move 
about. They are designed to be arranged in layouts based 
‘on grids, columns and rows, and they provide users with a 
standardized, structured user interface. This is very good 
when the user is using the computer as a computer. When. 
the user is using a device, this type of computer interface is 
‘not the most appropriate solution. 


76 | april 2011 www.linuxjournal.com 


Getting Started with 
Qt Quick 


‘As Qt 4.7 recently was released, Qt Quick is becoming available 
through the repositories of most distributions. Some distributions 
choose to package Qt in several packages, so make sure you 
get the Qt development package, the Gt Creator package and all 
(Qt modules, especially those referencing to Ot declarative. In the 
Linux world, | recommend you use the facilies provided by your 
distribution to install and maintain your software. However, 
for those of you needing a particular version of the Qt tools, 
or if you are using a distribution that doesn't include Qt, you 
can download the Qt SDK from Nokia's Web site, 


‘The package that you want is the Qt SDK, available from 
qt.nokia.com/downloads. Simply download the file, chmod 
it to make it executable and run the installer. You can install 

it in your home directory if you do not have root access. The 
SDK includes tools, demos, sources and documentation, all 
in one convenient package. 


dass, which also happens to be a widget. For an application relying 
‘only on QML for its user interface, this is all that it takes, 

To integrate C+ objects into QML, the QObject meta-systern 
is used, This means that any QObject-derived class can be exposed 
to QML. From QML, properties, signals and slots will be available 
‘As QML properties are bound to values, rather than assigned, 
any changes in the C++ part of the application is reflected 
automatically in the QML part. 

itis beyond the scope of this article to go into details on this, but 
in the first example, the state could have been driven from C++. This 
would have let QML handle what itis good at: visuals and dynamic 
transitions. n the second example, a typical application would provide 
‘the model from C++—again, letting QML focus on the visuals 

This approach has a number of benefits. The first one is that 
the user interface is created quickly using QML as the whole lan- 
guage is focused on that goal. The other is that you are forced to 
maintain a clear division between the user interface and the rest 
of the application. This leads to more structure and better code 


The Future 
Looking at the future of Qt Quick, many things may happen. In 
MeeGo, the MeeGo touch initiative is implementing new widgets 
Using Qt Quick. in KDE, Plasma is supporting Qt Quick. One effect 
Of this is that you can write Plasmoids using QML. In the Qt tooling 
department, the trolls are working on a visual designer for Qt Quick 
it already has a few interesting features—for instance, layers can be 
imported from GIMP and Photoshop directly into the designer. 
Looking at Qt, | don't think we have seen the last widget-based 
application yet. Actually, when creating serious software for serious 
tasks, | see no reason nat to use widgets. However, with the new 
focus on mobile, not only within the ald Tralltech, but the entire Linux 
community, | think that Qt Quick will be a very frequently used tool.m 


Johan Taln is a passionate Ot and open-source user. He spends his days at Pelagicare 
‘working with Linax and opensource inthe automotive industry. A ight, he works as 2 
‘consultant and freelance writer 


Calibre 


The ultimate in open-source e-book management. DAN SAWYER 


've got e-books—a lat of e-books. | was one of those geeks 
who, when he found Projects Gutenberg and Perseus, was 
convinced the Rapture would happen tomorrow because life 
had reached its highest pinnacle on the celestial plains 

If the rapture didn’t happen, nuclear war might. So | wanted 
to make sure I'd have all the books | could get my hands on 
When Fictionwise and Tor started giving books away, | was 
there too. When non-DRM-encumbered books became available 
through Smashwords, | started picking them up as | could 
afford them. Ditto for Doctorow's stuff and other e-books by 
friends of mine—and let's not even mention the hundreds of 
NASA, Navy and Army manuals | use for research. 

Fast-forward 13 years since discovering Project Perseus, 
and | have more e-books than | really know how to deal with 
More than an embarrassment of riches, it was a bloody mess 
and high time to do something about it. 


E-book Management: the Old Way 

Generation one of my library organization project went the 
way any competent, non-database-designing sysadmin would 
do it: with a sensible directory structure. After many hours, | 
wound up with a system that was excellent for nonfiction, but 


DMCA overthrow has just come down—happy day!—so any 
such features are as yet undocumented), and allows medium- 
grained metadata control over all of them. For fine-grained 
metadata control, you need more specialized tools, or you 
need to edit the files directly with a compatible editor. For 
example, Sigil does this quite splendidly for EPUB. For house- 
holds with multiple species of e-readers, this is a must. 

Calibre also can autopopulate your library's metadata, 
pulling it down from a number of different on-line databases 
by title, author and ISBN. 

It allows rating, so you can keep track of how much you 
liked your book 

It has a very handsome cover art browser. 

It can store Open Document Format files as e-books and 
create metadata for them. This gives it the nice unintended 
utility as a version control system for authors 

It comes with a native e-book reader that allows limited 
annotations and can view a number of the supported formats. 
For those formats that Calibre does not support reading 
directly, it will launch your operating system's default viewer 
with the click of a button. 

It also nests multiple formats of the same book under the 


Enter Calibre, the Python-based, data-fetching, universally device-compatible 
e-book management and conversion program. 


crap for fiction. After all, the best you can do with a good 
directory tree is break out by genre, author and series. That's 
adequate for reference materials, but not great for the 
inevitable "hmmm...what do | want to read next?” 

A good library needs good metadata, and directory structures 
have squat. E-book management software that ships with many 
readers attempt to do this, but they tend to have proprietary 
tes to devices and operating systems. They're usually not 
Linux-friendly, and they're also not very friendly to collection 
longevity. DRM? Proprietary formats? Thank you, no. 

What | needed was something like iTunes or Amarok, but 
with a decent interface, designed for books. Fortunately, | 
wasn’t the only person with this problem: 


E-book Management: the New Way 
Enter Calibre, the Python-based, data-fetching, universally 
device-compatible e-book management and conversion program, 
The product specs are ambitious, and the implementation is, 
though occasionally bumpy, pretty darn spectacular 

Unlike most proprietary, device-specific management programs, 
Calibre converts all major formats into one another (| do not 
know how it handles DRM, as at the time of this writing the 


same entry in the database and directory structure, so when 
you convert, say, a PDF to Kindle format for your Kindle, you 
don’t have duplicate titles popping up in your book list. 

It syncs to more than 20 different makes and models of 
e-book reader and also allows you to access most readers 
(even the unsupported ones) in mass storage mode, so you're 
future-proofed if you change reader platforms later on. 

So, what are we waiting for? 


Fetching 
Calibre can be found at an uncommonly well-designed Web 
site: www.calibre-ebook.com. Click the download button, 
select Linux from the following screen (you'll notice that it 
also runs on Mac and Windows—a plus for those of us with 
multiplatform networks), and read the following screen first 

Calibre is picky about the dependencies; the glibc and 
Python versions are particularly important. Recent distributions 
are all in compliance, but older distros might require some 
updating to work properly (you also may need to compile 
them yourselt—a fairly trivial undertaking—of course, your 
mileage may vary). 

Assuming you're in compliance, copy the code from the 
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on. It also includes the cover art, the 
listing of the different formats in 
which you have the book, a comments, 


field and a tags field. Fetching metadata 
from the remote server populates the 
fields for you, not including the cover 


i cw 
a = i Se inne eamM I) ar, and it puts the back-of book copy 
: bea x in the comments field and the genre in 
Sein the tags field. Downloading the cover 
aos art pulls the cover art linked to that 
Sie | — ISBN from the ISBN or Google Book 
| 4 eee servers. If you get art for an edition 
OE id Cae) you didn’t intend, you always can 


BI ono replace it by hand, 


Figure 1. Calibre Interface 


code window into your root terminal (you must run the install 
as root; otherwise, it tends to fail with nasty comments about 
your intelligence, heritage and recreational proclivities), and 
press Enter. if all goes well, a new item should appear in your 
window manager’s start menu, If it didn't, you most likely 
missed a dependency, 


Getting to Know Calibre 
Calibre’s project manager Kovid Goyal deserves a big pat on 
the back (and tips in the tip jar). Not only is the program organized 
Well, the Web site easily navigable, and the installation relatively 
painless, but the documentation is 
very comprehensive as well 

When you open Calibre, you're 
presented with the main interface 
screen (Figure 1) 

You'll notice the unique interface 
concept. There is no standard menu 
bar—just a toolbar with a few basic 
buttons and drop-downs under the 
buttons to allow you access to finer- 
grained controls on each of thase tools 

Starting at the top left is the but- 
ton that starts it all: Add Books. The 
list box attached to it gives you the 
option to add a single book, add a 
directory or a nested directory struc- 
ture, or to add an empty entry into 
the database that you can populate 
later. This last option is useful if you're 
also adding your physical books to the 
collection—it can serve as a placeholder 
with instructions on where the book 
is shelved. 

Moving along to the right is the 
metadata tool. This is the heart and 
soul of your database, The metadata 
are all your obvious tags: ISBN, Author, 
Series name, Publisher, Copyright date, 
Publication date for that edition and so 
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Pushing the metadata button 
brings up the metadata edit screen 
for the individual book you have 

selected (Figure 2). Using the drop-down list, you can act 

upon the metadata of multiple selected books in a variety 

of ways using batch functions—most handy. 

The third button is the conversion tool, which lets you 
translate one format into another—very handy for devices 

like the Kindle, which reads only one kind of proprietary file 

format. You can translate EPUBs, properly formatted PDFs 

(some formatting conventions, like headers and footers, can 

cause major headaches), OpenOffice.org documents and so 

on, into Kindle AZWs for easy viewing on your Kindle. in many 
cases, the default settings are quite adequate, but for the 


Figure 2. Editing Metadata 


Figure 3, Preferences Screen 


occasions when they're not, the tool gives you direct access 
to the document's structure and several of the XML wild cards. 
This is the one section of the program that, at the time of this 
writing, Is not well documented, so you'll need to experiment 
if you're getting wonky results from the default conversion. 

The drop-down list also gives you the option of creating a 
device-exportable library catalog—handy for those who like t 
compare book lists with their friends or who, like me, are sim- 
ply nuts for library catalogs. (Don't laugh, there are more of us 
than you think, and we live on the 
Internet with vast botnets at our beck 
and call. Taunt us at your own risk.) 

Next is the View button, which 
is fairly self-explanatory. Clicking it 
opens the default viewer for the 
highest-priority format in which the 
book is available. Clicking on the list 
box gives you the further option to 
view a specific format rather than just 
using the one Calibre picks for you 
by the numbers. 

Next up, there's a button curiously 
entitled Fetch News. This is actually a 
very sophisticated RSS reader, and it 
comes preloaded with more than a 
thousand news feeds in various lan- 
guages. If your e-reader doesn’t have 
Wi-fi or 3G, and you want to batch- 
spool up your morning news or blogs, 
this is the tool for you. It can pull down 
anything with an RSS feed, so you 


always can have the latest installment 
of Dactorow’s current novel added to 
your library as soon as it’s released 

Clicking the button brings up the 
scheduling window if you don’t have 
anything scheduled yet (here you set 
the download schedule) or it grabs all 
queued downloads if you have them 
scheduled. Using the drop-down menu 
lets you fetch the news and customize 
the feeds by creating “recipes” for 
your specific news-reading needs 
(basically, a list of RSS feeds and the 
way you want them to appear in your 
customized electronic newspaper) 

The next button along is your 
device controller. It syncs your selected 
reading list with your e-reading 
device. The drop-down menu lets 
you select the particular driver (if 
autodetection is not working properly) 
and tweak other sync settings 

If your device isn’t recognized, 
due to driver problems, kernel issues 
or the device being so new there isn’t 
a driver for it yet, fear not. The next 
button is Save To Disk, which will save the selected books to 
any location in your file tree that you please, including a USB 
mass storage device, such as your e-reader’s internal Flash 
memory. When using this option, you'll usually need to reboot 
the device so that it rescans its file tree and updates its 
database accordingly. 

Next is the Remove Books button, which also is self- 
explanatory. The drop-down gives you the option to remove 
singles, multiples, specific formats contained within the 


Figure 4, Graphical Bookshelf Browser 
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selected titles only, cover art only, or 
to remove the selected books from 

the attached device, but not from 

the library. 

Finally, there's the Preferences button, 
which brings up the granddaddy of all 
dialogs (Figure 3). This is the beating 
heart of the operation, offering lower- 
level access to the database, debug func- 
tions, conversion defaults and a bunch 
of other stuff. Most interesting, perhaps, 
is the Calibre server setup, which allows 
Calibre to operate like a remote library 
system for ather computers on your 
network (or on the Internet, if you often 
experience the sudden need for one of 
your e-books while at the office). Pretty 
much everything in here, sophisticated 
though it is, is self-explanatory. 

Below the button bar, there's a field 
listing the available collections, Calibre 
can support multiple libraries, and this is 
Where you switch between them. Below 


turned off in my default layout is the 
graphical bookshelf (Figure 4). 

This handy interface allows you to 
{lip through the list as it appears 
(search-restricted and all), like you'd 
flip through books on a bookshelf 
Clicking left shutfles to items farther 
Up the list, clicking right shuffles to 
items farther down the list. 


Building the Library 
If you're anything like me, you probably 
have some kind of e-book library 
already, so you'll want to start off by 
importing what you've got. Because 
Calibre’s library import feature does 
some destructive rewriting, it's worth 
creating a backup copy of your library, 
just in case 

‘After importing, you're going to 
have books in your list—maybe a lot 
of books. And, because most e-book 
metadata tends to be poor, the books 


that is only partly the responsibility of 
the development team. The USB stack 
under the most recent versions of the 
Linux kernel has been occasionally 
glitchy. As a result, several recent 
distributions, including one of the ones 
Irun, have had trouble syncing to 
external devices. The device would 
show up as a mass storage device, 
but attempting to access the device's 
internal database resulted in crashes, 
nasty core dumps, segfaults and the 
occasional exploding computer, 

In the most recent kernel versions, 
this seems no longer to be a problem, 
but if you encounter it and can’t 
upgrade your kernel or distro, you can 
usually fall back to mass storage mode 
and hand-sync your books through the 
Save To Disk button. 

My other gripe is that there's only 
‘one comment field. The ability to deeply 
annotate books or keep reviews on 


This handy interface allows you to flip through the list as it appears 
(search-restricted and all), like you'd flip through books on a bookshelf. 


that, there's a search bar. It doesn’t 
search within the books, alas, but it does 
search the metadata quite effectively. 

Moving down again, Is the library 
itself. In the left pane, you'll find the 
available hierarchies—Authors, Publishers, 
Tags, formats and ratings. It offers all of 
these as pre-sorted searches, and clicking 
on them will modify the list you see in 
the center pane. 

The center pane (s your library itself. 
All the metadata is listed in easy-to-read 
rows of alternating colors. You can 
organize them alphabetically by any 
of the available fields simply by clicking 
on the column title, just as you can 
do with any spreadsheet or other list- 
driven program 

The rightmost pane shows you the 
cover art and a quick rundown on the 
book currently highlighted. File types, 
comments and so on all appear here. 

Finally, along the bottom of the 
screen are three buttons that control the 
layout of the program. Toggling these 
three buttons turns on and off different 
panes on the screen. The one that's 
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in your list are probably haphazard and 
not well organized 

Organizing them can be a laborious 
process, but there are a few ways to 
make the job less irritating—bulk- 
editing the metadata is chief among 
‘them, as mentioned earlier. For exam- 
ple, if you had 20 titles by the same 
author, you could select all of them, 
right-click on one of them, and select 
Bulk Edit Metadata from the pop-up 
menu. In the resulting screen, you can 
set the author, genre tags, publisher tag 
and most (but not all) other data fields 
to help with your sort. You also can 
check a little box that says Swap Author 
and Title fields. This one is particularly 
Useful, as many poorly tagged e-books 
ate tagged with these fields the wrong 
way around. 

Once the organization is done to 
your satisfaction, you're good to go. 


Weaknesses and Caveats 

AAs shining as the program is in most 

respects, it comes up short in a couple areas. 
The first, and most annoying, is one 


books simply isn’t there. This will cramp 
the style of research junkies and avid 
bookwarms alike. Hopefully, this will 
be remedied in future versions (it's not, 
like there is any shortage of potential 
metadata fields). 


Wrap-Up 

Calibre is the best-of-breed solution 
currently on offer for any platform, and 
it is well worth the download if you've 
got an e-book collection numbering 
more than a dozen, or if you've been 
trying to figure out some way to 
manage things on your Sony, Nook or 
Kindle without having to boot the 
Windows image. Enjoy! 


Dan Sawyer isthe founder of AristicWhispers Productions 
(wwrwatsticwhispers studi in 
the San Francisco Bay Area. He 
advocate for fee and open-source software since the late 
1990s, He currently is podcasting his science-fiction 
thriller Anithesis and his short story anthology Sculpting 
God. He also hosts “The Poyschizmatc Reprobates Hour”. 
«cultural commentary podcast Author contac information 
is avalale at www dsawyeret 
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Hacking with Humor 


When the going gets tough, the creative get funny. Doc SEARLS 


Hacking is largely a practical matter— 
scratching itches and all that. But, some 
hackers work in service of irony, manipulat- 
ing social as well as computer code—to 
effects that are equally interesting, useful 
and funny. At this line of work, nobody 
‘outdoes Tim Hwang (aka @TimHwang), who 
blogs as Broseph Stalin (after retiring as. 
‘commissioner of the US Bureau of Fabulous 
Bitches) and whose CV also includes creat- 
ing and organizing all of the following: 


i ROFLCon ("the most epic Internet 
culture conference ever assembled”, 
and it’s true). 


1 The Awesome Foundation for the 
Arts and Sciences (“an ever-growing, 
worldwide network of people devoted 
to forwarding the interest of awesome- 
ness in the universe”). 


The Web Ecology Project (in which he 
is also identified as “an analyst with 
The Barbarian Group"—where he 
works on issues of group dynamics 
and Web influence, adding that he 
*is in the process of watching every 
homemade flamethrower video on 
YouTube", the results of which were 
presented at SXSW last year) 


Robot Robot & Hwang (his future law 
firm, currently working on “an open- 
source project to develop the legal 
infrastructure to allow for large-scale 
securitizing of lawsuits”) 


i SOCIALBOTS 2011 ("the first-ever com- 
petitive event in the large-scale robotic 
influence of on-line social groups"). 


| met Tim when he was a researcher 
at the Berkman Center and got to know 
him better through ROFLCon and The 
‘Awesome Foundation (in which | now 
hold a chair in the original Boston 
chapter). It also seemed like | ran into 
Tim pretty much everywhere around the 
MiFHarvard axis of Cambridge-based 
social and technical hackery. 

| stil don’t know where Tim went to 
college, though I'm guessing it was one 
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of the two likely suspects. (Berkman is at 
Harvard and ROFLCon happens at MIT.) | 
never asked. From a hacking perspective, 
Where one went to school (or currently 
goes to school) is not a matter of great 
importance. This is one of the things that, 
drew me to working with Linux Journal 
and hanging with hackers in the first 
place. The hacker ethos is a corollary to a 
line on a Tshirt | used to see a lot in Los 
Angeles. it read, “It isn’t who you are but 
how you look, After all, who cares who 
you are?” Around hackerdom, it's like, “it 
isn’t where you went but what you do. 
After all, who cares where you went?” 

These days, Tim goes to UC-Berkeley, 
Where he's a law student. What he's doing 
(and presumably will da when he gets 
out) is work with Robot Robot & Hwang 
And, since 
hacking law is. 
an activity on 
which at least 
one of my 
own open- 
source projects 
depends, I'm 
looking for- 
ward to Tim's 
\ progress on 

that front. 

Meanwhile, 
my immediate 
interest is in SOCIALBOTS 2011, which will 
be over by the time you read this. The 
whole “social network” craze drives me 
up a wall, We've had “social networks” 
forever, both off-line and on. Bars, restau- 
rants, churches, town squares, market- 
places, cafés, USENET, FidoNet, SMS, 
blogging—all those things are no less 
social than Twitter and Facebook, yet 
when somebody says “social network", 
those two things are what they mean. 
Until | busted them for it, Wikipedia's 
entry for "social media” read: 


Tim Hwang 


Social media have been modern- 
ized to reach cansumers thraugh 
the Internet. Social media have 
become appealing to big and 
small businesses, Credible brands 
are utilizing social media to reach 


customers and to build or main- 
tain reputation. As social media 
continue to grow, the ability to 
reach more consumers globally 
has also increased. Twitter, for 
example, has expanded its global 
reach to Japan, Indonesia and 
Mexico, among others. This means 
that brands are now able to adver- 
tise in multiple languages and 
therefore reach a broader range of 
consumers, Social media have 
become the new “tool” for effec- 
tive business marketing and sales 


But, while | mocked the pursuit of 
Influence and rankings on Twitter as 
“high school with a business model", 
Tim hacked up a way to prove it, with 
SOCIALBOTS 2011. The pitch: 


‘Teams will program bots to control 
User accounts on Twitter in a brutal, 
two-week, allout, no-holds-barred 
battle to influence an unsuspecting 
cluster af 500 on-line users to do 
their bidding, Points will be given 
for connections created by the bots 
and the social behaviors they are 
able to elicit among the targets 
All code to be made open source 
Under the MIT license. 


Its blood sport for Internet social 
science/network analysis nerds. 
Winner to be rewarded $500, 
unending fame and glory, and 
THE SOCIALBOTS CUP 


ook at this as a way of debugging 
Twitter, plus every other “social network" 
(or wannabe) whose executives cringe at 
the results 

Here's betting that Tim's hack will do 
more good than a thousand complaints 
like mine. 

Oh, and don't forget to check 
roflcon.org for details on ROFLCon 3. 


Doe Seats is Senior Etro Linux Journal He aso a 
fellow with the Berkman Center for Inemet and Society at 
Harvard University andthe Center for Infarmaton Technology 
‘and Society a UC Santa Barbara, 
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ration with techs who speak HPC. 


Design your next custom cor 
Rely on our integration expertise for complete and thorough testing 
of your workstations, turnkey clusters and servers. Whether you need 
Linux or Windows, CUDA or OpenCl, we've been resalving the 
complicated issues ~ so you don't have to - since 1982. 


Configure your next WhisperStation or Cluster today! 
microway.com/quickquote or call 508-746-7341 21 wi Ne wih HS Metole 


Sign up for technical newsletters and special GPU promotions at microway.com/newsletter shins Ur ia ase es 
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Technology you can count on~ 


